What is ISO 27701?
ISO 27701 is a privacy extension of the international standard for information security management, ISO 27001, for the management of privacy information (personal data). ISO 27701 details the requirements and provides the necessary guidance for establishing, implementing, maintaining, and improving a Privacy Information Management System (PIMS).
Like the ISO 27001 standard, ISO 27701 does not expect organisations to adopt every single control in all situations. Instead, it requires organisations to understand the specific context in which they process personal data and adjust the specific set of controls and their implementation appropriately to their personal data processing activities.
For more information see our information portal www.27701.pt.
One of the first steps towards compliance with ISO 27701 is understanding the current state of your organisation. Our detailed assessment reveals gaps and guides your privacy strategy.
Our methodology
1. Preparation Phase
In this initial phase, the project plan will be defined and agreed upon, including objectives, timeline, and expectations. This step ensures that all parties are aligned regarding the scope and approach of the ISO 27701 Assessment.
2. Interviews Phase
During this phase, Devoteam Cyber Trust carries out the ISO 27701 Assessment actions based on your internal practices, respecting and integrating, whenever possible, the practices already implemented in the evaluated organisation.
3. Reporting Phase
The results obtained in the Assessment are documented and classified according to the evaluated organisation’s practices, in relation to the fulfilment of the ISO 27701 requirements and controls. For the identified gaps, detailed recommendations will be provided for implementing actions aimed at fully complying with the ISO 27701 requirements and controls.
Organisations with ISO/IEC 27001 certification and wishing to implement ISO/IEC 27701 requirements should consider the following phases:
Ensure compliance with ISO 27701 and protect your company's data. Contact us to get started!
How to maintain ISO 27701 compliance?
Privacy management does not end with ISO 27701 certification. It is important that organisations maintain a methodical and ongoing process that supports evidence of how they handle the processing of personal data.
Devoteam Cyber Trust solutions enable organisations to continuously improve their ISO/IEC 27701 privacy management system.
And we are present in 18 more countries across EMEA.