ISO 27701

ISO 27701 defines the requirements for a Privacy Information Management System (PIMS). It is designed to help organizations manage and protect Personally Identifiable Information (PII).

The ISO standard ISO/IEC 27701 is a specialized extension of the information security standard (ISO 27001), focusing specifically on managing privacy-related information.

The standard's documentation and training help employees address and implement critical controls to protect PII. It is closely related to the General Data Protection Regulation (GDPR).

Frequently Asked Questions (FAQs) Associated with ISO 27701

ISO 27701 sits within the ISO 27000 series and the broader context of regulatory compliance for privacy and data protection.

1. How does ISO 27701 relate to the Information Security Management System (ISMS)?

ISO 27701 is part of the ISO 27000 series of standards. This series generally deals with Information Security, with ISO 27001 defining the requirements for the overarching ISMS.

ISO 27701 functions as an extension or specialization of the ISMS, focusing specifically on the Privacy Information Management System (PIMS).

2. What specific type of information does ISO 27701 address?

The standard primarily addresses the protection and management of Personally Identifiable Information (PII). This concern aligns it with other security standards in the series, such as ISO 27018, which addresses PII Cloud Security.

3. How does ISO 27701 support compliance with external privacy regulations?

ISO 27701 is closely linked to general data protection requirements, specifically GDPR (General Data Protection Regulation). Organizations offer training courses that provide the knowledge and tools needed to navigate GDPR regulations and align with ISO standards, including ISO 27701.

4. What resources are available for implementing ISO 27701?

Organizations seeking to comply with ISO 27701 can access specific training and certification services:

  • Certification: ISO 27701 Certification is available through certification bodies.
  • Training: ISO 27701 Training Courses are offered to help employees address and implement critical controls to protect PII.
