1.1. What is ISO/IEC 27701?
ISO/IEC 27701 is the international standard for the Privacy Information Management System (PIMS). It is a privacy extension of ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Security Controls. It helps both personally identifiable information (PII) processors and PII controllers put in place robust data processes and controls by providing guidance and requirements regarding the protection of privacy. This means you can demonstrate accountability for managing PII, instilling trust and building strong working relationships.
1.2. What types of organizations can benefit from ISO/IEC 27701?
ISO/IEC 27701 is ideal for organizations of any type and size that want to demonstrate that they take personal information protection seriously.
Whether you are a public or private company, government agency, or non-profit organization, if your organization is responsible for handling PII within an information security management system, ISO/IEC 27701 is for you.
Specific organizational roles include:
- PII controllers (including those with common PII controllers)
- PII processors
1.3. Benefits of ISO/IEC 27701
- Builds trust in PII management.
- Supports compliance with privacy regulations.
- Reduces complexity by integrating with ISO/IEC 27001.
- Facilitates effective business relationships.
- Clarifies roles and responsibilities.