IT Governance, the leading provider of cyber security and privacy management solutions, has released a new green paper: ISO 27701 – Privacy information management systems. ISO/IEC 27701:2019 is a new privacy-focused standard that provides organisations with a comprehensive set of guidelines for managing security of information and personal data. The Standard builds upon the internationally recognised standard for information security management, ISO 27001, and specifies the requirements for developing a privacy information management system (PIMS) as an extension to an established ISO 27001 information security management system (ISMS).
Alan Calder, founder and executive chairman of IT Governance, said: “ISO 27701 requires organisations to implement controls that closely align with those of an ISO 27001 ISMS, and address data privacy risks in conjunction with information security. While an ISMS helps organisations keep data accurate, available and accessible only to authorised staff, a PIMS focuses on ways an organisation collects and processes data and protects it from unauthorised disclosure.”
Mapping organisations
This green paper explains how ISO 27701 differs from and complements ISO 27001, and helps organisations map their compliance with data protection legislation such as the GDPR, Data Protection Act (DPA) 2018 and California Consumer Privacy Act (CCPA). To download ‘ISO 27701 – Privacy information management systems’, please click here. IT Governance also offers a range of products and services to help organisations implement ISO 27701 and ISO 27001, and meet the necessary privacy and information security requirements.
On-site or online consultancy
It uses its bestselling tools, software, guides and qualification-based training in conjunction with on-site or online consultancy to provide organisations with expertly created ISO 27001 implementation bundles that meet the unique needs of any-sized organisation and help reduce the time and effort required to implement an ISMS.
Privacy professionals interested in learning how to implement an ISO 27701-compliant PIMS can also attend IT Governance’s practitioner-led Certified ISO 27701 PIMS Lead Implementer Live Online Training Course.
Source: https://www.itgovernance.co.uk