BS ISO/IEC 27701:2019
This standard is no longer available.
Security techniques. Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management. Requirements and guidelines
What is this standard about?
In anticipation of the changing regulatory landscape and the need for a common set of concepts to tackle personal data protection, ISO and the IEC have developed this standard as a privacy extension to BS EN ISO/IEC 27001 and BS EN ISO/IEC 27002. These two standards deal with requirements for an Information Security Management System (ISMS). BS EN ISO/IEC 27701 deals with how to establish and run a Privacy Information Management System (PIMS) that adds Personally Identifiable Information (PII) security protection to an existing ISMS.
Who is this standard for?
It applies to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organisations. Within these, specifically to:
- PII controllers (including those who are joint PII controllers)
- PII processors processing PII within an ISMS
Why should you use this standard?
Because it specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to BS EN ISO/IEC 27001 and BS EN ISO/IEC 27002 for privacy management within the context of the organisation.
It specifies PIMS-related requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing.
The standard can help organisations demonstrate compliance with GDPR and other data protection regulations globally by showing that the right measures have been taken to handle personal information, in a way that aligns with regulatory requirements.
Moreover, many organisations have implemented an ISMS based on BS EN ISO/IEC 27001 (and the guidance from BS EN ISO/IEC 27002). This standard provides a natural step for those clients by extending their current ISMS for privacy protection. It reduces complexity by having an integrated approach.
Finally, the standard helps create transparency between stakeholders and build trust between organisations; as such, it also contributes to more effective and collaborative business agreements.
NOTE: To use BS ISO/IEC 27701 you need to have BS EN ISO/IEC 27001, since BS ISO/IEC 27701 extends the requirements in BS EN ISO/IEC 27001.
If you do not have BS EN ISO/IEC 27001, instead use BS 10012 for your Privacy Information Management System because it doesn't depend on BS EN ISO/IEC 27001.
Attribute | Value |
---|---|
ISBN | 9780580964398 |
Publication Status | Out Of Print |
Publication Date | 07/08/2019 |
Format (Paperback, Hardback etc) | A4 |
Total Pages | 76 |
Brand / Publisher | BSI |
Publisher | BSI |