ISO 27701 – Privacy Information Management

INTRODUCTION

ISO/IEC 27701 is an extension of the requirements of ISO 27001 and the ISO 27002 codes of practice. This new standard is based on the requirements, controls and objectives of ISO/IEC 27001 (Information Security Management). It has been developed by the International Standardization Organization (ISO) and the International Electrotechnical Commission (IEC) for organisations to manage the security and privacy of the personal information they handle in their processes.

WHAT ARE THE OBJECTIVES ACCORDING TO ISO/IEC 27701?

To preserve the confidentiality, integrity and availability of information
To reduce privacy risks in the processing of personal data
To ensure the privacy of personal data and compliance with personal data protection regulations

BENEFITS

Easy integration with the ISO/IEC 27001 Information Security Standard
Improves contract management with data processors
Clarifies roles and responsibilities for processing within the organisation
Provides transparency to stakeholders
Facilitates business arrangements where the processing of personal information is mutually relevant
Builds trust and provides transparency among stakeholders

WHO IS THE STANDARD FOR?

This standard is aimed at any organisations that have Information Security Management Systems certified under ISO/IEC 27001:2017. Organisations that do not have Security Management Systems will have to implement ISO 27001 and ISO 27701 together, as the latter is an extension of ISO 27001. This certification is useful for any company, regardless of size or activity, including public sector, private sector, governmental or non-profit organisations.

WHY APPLUS+ CERTIFICATION?

Applus+ Certification is an independent and prestigious entity that aims to help organisations achieve their commitment to continuous improvement.We analyse the needs of our clients so that our auditors, specialists in each sector of activity, can provide a service that provides maximum value when assessing the compliance of your organisation.Our teams develop specific certification plans based on our clients' structure, processes and activities.Our international presence, extensive product portfolio and accreditations enable us to provide a global, expert service tailored to your organisation's needs.

Get a quote

RELATED SERVICES

Applus+ uses first-party and third-party cookies for analytical purposes and to show you personalized advertising based on a profile drawn up based on your browsing habits (eg. visited websites). Click HERE for more information. You can accept all cookies by pressing the "Accept" button or configure or reject their use by clicking here.

Cookie settings panel

Essential cookies

They allow the operation of the website, loading media content and its security. See the cookies we store in our Cookies Policy.

Always active
Analytics cookies

They allow us to know how you interact with the website, the number of visits in the different sections and to create statistics to improve our business practices. See the cookies we store in our Cookies Policy.

RELATED SERVICES

ISO/IEC 42001:2023 - Artificial intelligence (AI) information technology management system

ISO 27032:2023 Cybersecurity Management System

Certification in DORA Regulation - Digital Operational Resilience Act

UNE-EN IEC 81001-5-1:2022 Healthcare software and health IT systems safety

NIS2 Directive Certification