ISO 27701

The ISO/IEC 27701 standard is part of the ISO/IEC 27001 series of standards and defines additional controls for the management of privacy and Personally Identifiable Information (PII).

It clarifies how to "improve" (adapt and extend) an ISO/IEC 27001 management system in the context of both information security risks and the risks associated with the processing of PII, including risks to PII principals.

Being a set of guidelines, the ISO/IEC 27701 standard is therefore not certifiable.

Nonetheless, as envisaged by the Accredia circular, it is possible to obtain an integration of an existing ISO/IEC 27001 certificate, provided it is issued by a recognized certification body, such as CSQA.

Integration with ISO 27701 is intended to demonstrate the company's ability to ensure data protection.

CSQA is accredited by ACCREDIA.


The standard provides guidance for the protection of personal information that varies according to the context of the organization, particularly where national laws and/or regulations exist. ISO/IEC 27001 requires that this context be understood and taken into account.

ISO/IEC 27701 includes a mapping to:
• the privacy framework and principles defined in ISO/IEC 29100;
• ISO/IEC 27018;
• ISO/IEC 29151.


• It helps service providers address applicable legal obligations as well as customer expectations.
• It facilitates agreements with business partners where the processing of PII is mutually relevant.
• It improves the transparency and credibility of the activities carried out.
• It increases customer trust.
