ISO 27701

First developed in 2019, ISO 27701 is a standard for PIMS (Privacy Information Management System) certification. As an extension of the popular standard, ISO/IEC 27001, this standard was originally intended as a means of offering guidance to organisations that found themselves having to comply with complex global privacy standards, including the California Consumer Privacy Act (CCPA), the EU’s GDPR (General Data Protection Regulation), and the New York SHIELD Act.

The standard has become more relevant as the rate of data breaches, leaks, hacking, and ransomware attacks rises. Aside from the protection of vital data, certification to this standard can thoroughly demonstrate to clients (and the public at large) how highly an organisation values privacy protection and regulation.

Since ISO 27701 is an extension of ISO/IEC 27001, it cannot be audited on its own. Companies without an existing ISO/IEC 27001 certification or ISMS in place can pursue ISO/IEC 27001 certification before adding ISO 27701. Companies may also choose to implement both in a simultaneous joint project.

PJR UK is here to support your pursuit of PIMS certification, regardless of which avenue is best for your organisation! For more information, contact PJR today at +44 (0) 2033 071986 or send a request to [email protected].
