An ISO/IEC 27701 certification audit from SGS will help you to ensure that your organization has a solid privacy information management system (PIMS) in place.
Every organization deals with personal/private information, e.g. names, dates of birth, national identifiers, gender and salary information.
ISO/IEC 27701 is an extension of ISO/IEC 27001 (information security management systems, ISMS) and ISO/IEC 27002 (information security controls). As such, an ISO/IEC 27001 certificate is a prerequisite for certification to ISO/IEC 27701.
Building on the above standards, ISO/IEC 27701 specifies the requirements and guidance for establishing, implementing, maintaining and continually improving a PIMS specific to your organization. It outlines PIMS-related requirements and guidance for personally identifiable information (PII) controllers and processors that are responsible and accountable for PII processing.
ISO/IEC 27701 applies to all organizations that act as PII controllers and/or processors and process PII within an ISMS.
Long-term benefits of ISO/IEC 27701 certification include:
- Greater trust in managing personal information
- More transparency between key people
- Effective business agreements
- Defined roles and responsibilities
- Compliance with privacy regulations
- Decreased complexity through integration with ISO/IEC 27001
Aligning with the UN Sustainable Development Goals (SDGs)
ISO/IEC 27701 contributes to UN Sustainable Development Goal nine.
How can SGS help?
With years of worldwide experience in privacy protection, we can help you along the path to certification with an ISO/IEC 27701 audit. Your audit can include a gap assessment and benchmarking. We will determine your level of information security competence and provide advice on how to achieve ongoing improvement.