What is the ISO 27701 Privacy Information Management System?
ISO 27701 is the international standard that sets out the requirements for a privacy information management system based on the ISO 27001 ISMS.
It specifies Privacy Information Management System (PIMS) requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing.
ISO/IEC 27701 can help a business manage its privacy risks with confidence. Microsoft and Google have implemented ISO 27701 to protect data privacy in the cloud.
Benefits of ISO 27701
- Sustain competitiveness
- Meet client requirements
- Support compliance with GDPR.
- Proactively control Personally Identifiable Information.
- Boost the corporate reputation through recognition of ISO 27701.
- Enhance Clients’ trust
What is it for?
- Handling databases holding a huge amount of data, including personal data
Looking for a helpful ISO 27701 Consultant?
Frequently Asked Questions
The fees depend on company size, number of locations, business nature and operation complexity.
For a company with fewer than 20 staff (< 20), it takes 6 months on average.
For a company with about 50 staff (~50), it takes 8 months on average.
For a company with about 100 staff (~100), it takes 8-10 months on average.
You may take the steps below:
1) ISO 27701 Gap Analysis.
2) Establishment of ISO 27701 Documentation.
3) Attend ISO 27701 Training.
4) Implementation of ISO 27701 System.
5) Arrange an Internal Audit.
6) External ISO 27701 Audit by Certification Body.
The company should have implemented an ISO 27001 ISMS beforehand.
There are two major fees.
1) ISO 27701 Certification Fee charged by an accredited Certification Body such as SGS, Lloyd’s Register, BV, BSI….
2) Consultant Fee charged by us.
The fees depend on company size, number of locations, business nature and operation complexity.
Yes. You can take a series of training courses, draft the documentation… and liaise with the Certification Body, if you have sufficient time and have mastered the ISO 27701 requirements.
No, because of the conflict of interest. A Certification Body can provide generic ISO 27701 Standard training only; it cannot tell you how to implement an ISO 27701 system in your company.
Absolutely yes. In general, an ISO consultant will draft the documentation and guide your company in implementing the ISO 27701 system until it passes the ISO 27701 Certification Audit.
In general, the company can put the ISO 27701 logo on its website, name cards and letterhead after receiving the corresponding ISO 27701 Certificate.