First developed in 2019, ISO 27701 is a standard for PIMS (Privacy Information Management System) certification. As an extension of the popular ISO 27001 standard, 27701 was originally intended as a means of offering guidance to organizations that found themselves having to comply with complex global privacy standards, including the California Consumer Privacy Act (CCPA), the EU’s GDPR (General Data Protection Regulation), and the New York SHIELD Act.
The standard has only become more relevant since its publication, as the rate of data breaches, leaks, hacking and ransomware attacks rises. Aside from protecting vital data, certification to ISO 27701 can demonstrate to clients (and the public at large) how highly an organization values privacy protection and regulation.
Because 27701 is an extension of ISO 27001, an organization cannot be audited to it on its own. Companies without an existing ISO 27001 certification or ISMS in place may first pursue ISO 27001 certification before adding 27701, or may choose to implement both in a simultaneous joint project.
PJR is here to support your pursuit of PIMS certification regardless of which avenue is best for your organization! For more information on ISO 27701, contact PJR today at (248) 358-3388 or send a request to [email protected] for a Project Manager in your area!