ISO/IEC 27701 - privacy information management system

Demonstrate your commitment to proactively manage and protect personal information inline with legal requirements.

Building on ISO/IEC 27001, ISO/IEC 27701 covers management of risks related to Personally Identifiable Information (PII) and aids compliance with GDPR regulations. 

ISO 27701 provides a framework for management of data privacy. Privacy information management systems are sometimes referred to as personal information management systems.

What is ISO/IEC 27701

ISO/IEC 27701 is a data privacy extension to ISO 27001. It assists organizations to establish systems to support compliance with the European Union General Data Protection Regulation (GDPR) and other data privacy requirements but as a global standard it is not GDPR specific.

It allows an organization to manage and to regularly check the compliance status. This permits a continual improvement of the system to ensure confidentiality protection and address vulnerabilities.

ISO 27701 is designed as an extension of ISO 27001 and can be implemented simultaneously or at a later stage than ISO 27001.

Benefits of becoming certified

The standard takes a comprehensive approach to privacy information management and permits organizations to meet personal information protection requirements. 

ISO/IEC 27701 will help:

  • Clarify the roles and responsibilities within your organization.
  • Build trust in your company’s ability to manage personal information, both for customers and employees.
  • Support compliance with GDPR and other applicable privacy regulations.
  • Facilitate agreements with business partners where the processing of PII is mutually relevant.

Getting started

To obtain certification, you need to implement an effective privacy information management system complying with the requirements of the standard.

DNV is an accredited third-party certification body. We can help you throughout the journey, from information security to privacy information management. Our offer includes training, self-assessment, gap analysis and certification.

Learn more about how to get started on the road to certification.

More information

  ISO/IEC 27701

ISO/IEC 27701

Download our flyer.

  Training

Training

Relevant insight in an active learning environment.

  Your added value

Your added value

Find out more on the digital customer experience.