ISO/IEC 27701 and the privacy information management system requirements

ISO/IEC 27701:2019 is the international standard for privacy information management. It is structured in the same way as ISO/IEC 27001, running from the establishment of the privacy information management system (PIMS) through to its review and adaptation. There are also sections on performance evaluation and improvement. Addressing the requirements in this order, though, is not a requirement in …

Why your organisation should implement ISO 27701

There’s a new standard for data privacy: ISO 27701. Released earlier this year as an extension to the ISO 27000 series, it provides essential guidance to help organisations protect sensitive information and meet data subject rights. ISO 27701 fills a gap left by the GDPR (General Data Protection Regulation), which contains strict rules about privacy management but doesn’t advise organisations on …

ISO 27701: the new international standard for data privacy

There’s a new standard for data privacy – ISO 27701. It’s the first document in the ISO 27000 series dedicated to privacy, explaining how organisations can create a PIMS (privacy information management system) and meet best practices outlined in regulations such as the GDPR (General Data Protection Regulation). Its controls will be very familiar to those who have adopted ISO 27001, the …