ISO 27701 - Privacy Information Management System

Published in 2019, ISO 27701 is an extension to the current ISO 27001 standard. This extension is optional and focuses specifically on Privacy management – something which the existing ISO 27001 standard does not address. With the introduction of the GDPR in 2016 and consequently an update to the Data Protection Act in 2018 which saw a significant increase in penalties, there is increasing pressure for organisations to have suitable controls in place to ensure that Privacy is managed and respected lawfully.

It is important to note that this standard cannot be implemented as a standalone management system and must be integrated with ISO 27001. Our qualified and experienced Consultants are able to implement the requirements of ISO 27701 at the same time as implementing ISO 27001 for those who do not currently have an information security management system or can do an extension to scope to integrate into an existing ISO 27001 management system you may already have.

Contact us today to discuss the privacy management system requirements for your business.

ISO 27701 PDF fact sheet download