ISO 27701:2019 specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO 27001 for privacy management.
ISO 27701 is relevant for controllers and processors of personally identifying information (PII) and is fully aligned with GDPR
This add-on is designed to upgrade Instant 27001 to function as a PIMS, by providing:
- 6 additional requirements for existing ISO 27001 clauses (chapters 4 thru 10)
- 33 implementation guidelines for existing ISO 27001 Annex A controls
- 18 additional controls for data processors (Annex B)
- 31 additional controls for data controllers (Annex C)
- Implementation instructions for all additional controls
- Sample policies and a processing register for all controlling and processing activities
- Per control an indication of how much extra work is imposed for organizations that already have Instant 27001 in place
Instant 27001 add ons can be installed by importing them and subsequently merging them with the existing content. Instructions to do so are included. Alternatively, you can let us do the work for you!
- ISO 27701 add-on ISMS: € 995 (for existing Instant 27001 clients)
- Instant 27001 + ISO 27701 add-on: € 2990
Depending on your location, local taxes may apply (read more).