For the second year, the ISO/IEC 27701:2019 standard for data protection management is available to interested parties.
The standard aims to extend the existing ISO/IEC 27001 Information Security Management System (ISMS) to include additional requirements for the establishment, implementation, maintenance and continuous improvement of a Privacy Information Management System (PIMS). The standard outlines a framework of requirements for controllers and processors of Personally Identifiable Information (PII) to reduce the risk of breaches of individuals' privacy rights.
ISO/IEC 27701 is intended to be a certifiable extension of ISO/IEC 27001 certifications.
In other words, organizations that plan to seek ISO/IEC 27701 certification will also need to be ISO/IEC 27001 certified.
TÜV NORD can therefore offer its customers an extension of the existing accredited ISMS certification to include the requirements of ISO/IEC 27701, thus offering an alternative to the previously used non-accredited certification according to BS 10012.
Read about the main advantages here.
For more information, please contact: saroch@tuev-nord.cz, +420 602 664 895