ISO/IEC 27701 is a standard geared towards the management of private information, defining requirements and providing guidelines that help companies manage privacy risks related to personally identifiable information (PII).
It is applicable to all types and sizes of organizations responsible for the control and processing of personally identifiable information, including public and private companies, government entities and non-profit organizations.
Because it complies with international regulations, this tool allows you to demonstrate to customers and other stakeholders that there are effective systems in place to support compliance with the GDPR and other privacy regulations around the world.
As an extension to ISO/IEC 27001 and ISO/IEC 27002, organizations wishing to obtain ISO/IEC 27701 certification must have an information security management system implemented in accordance with ISO/IEC 27001.