ISO/IEC 27701 is the international standard that serves as an extension to an ISO/IEC 27001 / ISO/IEC 27002 ISMS. It provides guidelines for implementing, maintaining and continually improving a Privacy Information Management System (PIMS).
Almost every organisation has personally identifiable information (PII).
This standard is ideal for organisations wishing to implement a privacy management system that supports their ISMS objectives and helps them meet their privacy compliance requirements, such as those imposed by the GDPR and the DPA 2018.
ISO/IEC 27701 supports an established information security management system (ISMS) aligned to ISO/IEC 27001, because it extends the requirements in ISO/IEC 27001.
If you do not have an ISMS that is compliant with ISO/IEC 27001, we recommend you purchase BS 10012:2017 for your PIMS, because it does not depend on an already-established ISMS.