ISO 27701 Guideline for Privacy Information Management

Quick question: Are you ISO27001 certified (or at least compliant)?

If yes, then:

Are there any processes in your business that handle personal information?

  • If yes, then you need to implement the ISO27701:2019 guideline on top of your existing ISO27001:2013 compliance implementation.

If you are not sure, or if this does not answer your concern then first of all please know a little bit about

Once you have gone through the above, please read below:

ISO27701 specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of the organization.

This document specifies PIMS-related requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing. This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which are PII controllers and/or PII processors processing PII within an ISMS.

As per the NIST cyber security standard, the following are a few sample parameters that may be identified as PII:

  • National identification number (e.g., Social Security number in the U.S.)
  • Bank account numbers
  • Passport number
  • Driver's license number
  • Credit card numbers
  • Full Name
  • Home Address
  • City
  • State
  • Postcode
  • Country
  • Telephone
  • Age, Date of Birth, especially if non-specific
  • Gender or race
  • Web cookie

Valency Networks has certified compliance implementers and auditors to deploy the above-mentioned guideline.

Contact us for further information on ISO27001, GDPR and ISO27701 standards.
