Professional Documents
Culture Documents
ISO 27701 Privacy Information Management System - © TÜV SÜD 2013
ISO 27701 Privacy Information Management System - © TÜV SÜD 2013
Privacy Information
Management System
Worldwide harmonised data
privacy approach
Your challenges and guidance for compliance with data protection laws,
As organisations embrace new technologies, the such as the EU’s General Data Protection Regulation
increased collection, use and transfer of personal (GDPR). The standard helps organisations to implement
data is impacting data security integrity. As data and continually improve a PIMS, as well as providing
privacy assurance is critical to supply chain business guidance for Personally Identifiable Information (PII)
relationships, any non-compliance with data protection controllers and PII processors.
regulations can significantly reduce stakeholder
confidence and trust. Consequently, legislators and Why is ISO/IEC 27701 important for your business?
regulators across the world are introducing new data ISO/IEC 27701 is applicable to every type and size of
governance laws and organisations face the complex organisation, where there are controllers and processors
task of complying with different regulations in multiple handling PII within an ISMS. This includes public and
jurisdictions. private companies, government entities and not-for-profit
organisations.
What is ISO/IEC 27701?
ISO/IEC 27701 is an extension to ISO/IEC 27001, the By helping organisations to comply with data protection
information security management system (ISMS) laws and clarifying the roles and responsibilities of PII
standard, and ISO/IEC 27002, which covers the code of controllers and processors, ISO/IEC 27701 helps to build
practice for information security controls. trust between an organisation and its stakeholders.
Documentary evidence that an organisation is correctly
The world’s first Privacy Information Management System handling PII delivers transparency between stakeholders
(PIMS) standard, ISO/IEC 27701 provides requirements and facilitates effective business collaboration.
TÜV SÜD
How can we help you? Your business benefits
TÜV SÜD is a leading provider of management system ■ Gain a competitive edge – ISO/IEC 27701 certification
services and an internationally accredited Certification creates a differentiator and increases stakeholder trust
Body. Our experts will help you to navigate the in your privacy and data protection practices.
complexities of ISO/IEC 27701 requirements and our ■ Achieve world-class standards – a rigorous risk and
audit findings will identify nonconformities so that any compliance driven approach meets the requirements of
gaps can be swiftly dealt with. This will ensure that your global data governance laws. Third-party certification
organisation is well positioned to develop new security from TÜV SÜD confirms your commitment to data privacy.
and privacy controls for PII processors and PII controllers ■ Improve transparency – measure and report data
and can maintain compliance to the standard after initial privacy improvements using detailed security and
certification. To save your organisation time and money, privacy controls.
we can also help you to integrate both your ISO/IEC 27001 ■ Minimise PII related risk – by keeping track of the
ISMS and ISO/IEC 27701 PIMS certification processes. evolving privacy threats and the regulatory landscape.