An extension to ISO 27001/02.

What is ISO 27701?

The new ISO 27701 (pre launch referred to as ISO27552) standard is an extension to ISO 27001/02, and expands the mandatory clauses and controls (4 to 10), to encompass privacy requirements. This will continue to drive organisations to have Data Privacy by design and default, within their Information Security Management System (ISMS).

The new standard will specify a Privacy Information Management System (PIMS) based on ISO/IEC 27001, 27002 and 29100 (privacy framework). It will apply to both controllers and processors of Personally Identifiable Information (PII), who will see new specific guidance, and have obligations to meet.

Adopting this new standard will strengthen and enhance all Data Protection and GDPR policies and procedures, which organisations have in place. It will also bring many potential benefits for PII Controllers and PII Processors.

Who does it affect?

All organisations who are certified or compliant to ISO 27001/2, will want to adopt this new standard, ISO 27701. Organisations who want to be certified in ISO 27701 will need to be certified to ISO 27001, as a prerequisite. Advent IM can help your organisation implement the standard or to get certified.

What next?

The acceptance of this as a certifiable international standard, means Advent IM will have this as a capability, to help you ensure your organisation is complying.
With no obligation, Advent IM experts are happy to discuss what means for your organisation. In the first instance please call us on 0121-559-6699.

ISO 27701:2019

Download our ISO 27701:2019 compliance information as a leaflet.

Book your ISO27701 meeting today.