ISO 27701 Certification: Privacy Information Management

Demonstrate your commitment to proactively manage and protect personal information in line with legal requirements.

ISO/IEC 27701 is designed to help organizations of all sizes manage personally identifiable information (PII) responsibly and aids compliance with GDPR regulations. The updated standard marks a milestone in global data privacy.

What is ISO/IEC 27701?

ISO/IEC 27701 is now a stand-alone standard, rather than an extension of ISO/IEC 27001, aimed at further strengthening privacy information management systems (PIMS) for organizations worldwide.

It helps organizations establish systems to support compliance with the European Union General Data Protection Regulation (GDPR) and other data privacy requirements, but as a global standard it is not GDPR-specific.

Benefits of becoming certified

The standard takes a comprehensive approach to privacy information management and permits organizations to meet personal information protection requirements. 

ISO/IEC 27701 will help:

  • Clarify the roles and responsibilities within your organization.
  • Build trust in your company’s ability to manage personal information, both for customers and employees.
  • Align with global regulations like GDPR and other applicable privacy regulations.
  • Facilitate agreements with business partners where the processing of PII is mutually relevant.

Getting started

To obtain certification, you need to implement an effective privacy information management system complying with the requirements of the standard.

DNV is an accredited third-party certification body. We can help you throughout the journey, from information security to privacy information management. Our offer includes training, self-assessment, gap analysis and certification.

Learn more about how to get started on the road to certification.

More information

Training


Relevant insight in an active learning environment.