We serve all U.S.A. 100% Satisfaction
Response in less than 24 hours info@usaisocert.com
+1(619) 844-4550
ISO 27701:2019 Security techniques
The ISO 27701:2019 specifies the requirements and provides guidelines for the establishment, implementation, maintenance, and continuous improvement of an Information Privacy Management System (IPMS) as an extension of the ABNT NBR ISO/IEC 27001 and ABNT NBR ISO/IEC 27002 for privacy management within the context of the organization.
USA ISO CERT can help you obtain the certification you need. With our global experience, we understand all the legal implications your organization faces, from international laws to local legislation.
Wherever you are. Whatever the culture. You can count on Certibrasil to help you protect your workforce.
Requirement
This document specifies the requirements and provides guidelines for the establishment, implementation, maintenance, and continuous improvement of an Information Privacy Management System (IPMS) or Privacy Information Management System (PIMS) as an extension of the NBR ISO/IEC 27001 and NBR ISO/IEC 27002 for privacy management within the context of the organization.
Thus, ISO 27701:2019 aims to help companies demonstrate to agencies, public bodies, investors, and society that the organization is committed to adopting effective controls considered international best practices in personal data/PII (personally identifiable information) protection.
It aligns with the General Data Protection Regulation (GDPR) of the European Union, as well as our General Data Protection Law (LGPD), which will come into effect in August 2020.
It is applicable to all types of organizations, both public and private, and also relates to other technical standards that support compliance implementation.
In other words, ISO 27701:2019 specifies the requirements and provides guidelines to establish, implement, maintain, and continuously improve—based on the requirements, objectives, and controls in the information security management standard ISO 27001, extended by a set of privacy-specific requirements, objectives, and controls.
Target audience:
- Employees of organizations who are or intend to become auditors, and/or will be conducting internal audits of Information Security Management Systems, in accordance with ISO 27001:2013;
- Professionals who intend to become Internal Auditors of Information Security Management Systems;
- Internal auditors of Information Security Management Systems who wish to update their knowledge.
