BS ISO/IEC 27701:2019 - Kit - Privacy Information Management

BS ISO/IEC 27701:2019 Kit

Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management kit

Status : Current   Published : August 2019

Format : PDF, HARDCOPY



You can now put a PIMS in place with relative ease using the brand new Privacy Management Kit which includes the 3 standards below.

  1. BS ISO/IEC 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management -- Requirements and guidelines
  2. BS EN ISO/IEC 27001:2017 Information technology. Security techniques. Information security management systems. Requirements
  3. BS EN ISO/IEC 27002:2017 Information technology. Security techniques. Code of practice for information security controls 

What is this standard about?  

In anticipation of the changing regulatory landscape and the need for a common set of concepts to tackle personal data protection, ISO and the IEC have developed this standard as a privacy extension to BS EN ISO/IEC 27001 and BS EN ISO/IEC 27002. These two standards deal with requirements for an Information Security Management System (ISMS).
BS EN ISO/IEC 27701 deals with how to establish and run a Privacy Information Management System (PIMS) that adds Personally Identifiable Information (PII) security protection to an existing ISMS. 

If you’re involved with information security and understand the need to step up your organization’s approach to personal information handling, you should buy BS ISO/IEC 27701:2019 Kit.


Who is this standard for?

It applies to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations. Within these, specifically to:
  • PII controllers (including those who are joint PII controllers)
  • PII processors processing PII within an ISMS

Why should you use this standard?

Because it specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to BS EN ISO/IEC 27001 and BS EN ISO/IEC 27002 for privacy management within the context of the organization.

It specifies PIMS-related requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing.

The standard can help organizations demonstrate compliance with GDPR and other data protection regulations globally by showing that the right measures have been taken to handle personal information, in a way that aligns with regulatory requirements.      

Moreover, many organizations have implemented an ISMS based on BS EN ISO/IEC 27001 (and the guidance from BS EN ISO/IEC 27002). This standard provides a natural step for those clients by extending their current ISMS for privacy protection. It reduces complexity by having an integrated approach.

Finally, the standard helps create transparency between stakeholders and build trust between organizations; as such, it also contributes to more effective and collaborative business agreements.

NOTE: To use BS ISO/IEC 27701 you need to have BS EN ISO/IEC 27001, since BS ISO/IEC 27701 extends the requirements in BS EN ISO/IEC 27001.

If you do not have BS EN ISO/IEC 27001, instead use BS 10012 for your Privacy Information Management System because it doesn’t depend on BS EN ISO/IEC 27001.

 




Standard Number: BS ISO/IEC 27701:2019 Kit
Title: Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management kit
Titles in this kit:
  • BS EN ISO/IEC 27001:2017 Information technology. Security techniques. Information security management systems. Requirements
  • BS ISO/IEC 27701:2019 Security techniques. Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management. Requirements and guidelines
  • BS EN ISO/IEC 27002:2017 Information technology. Security techniques. Code of practice for information security controls
Status: Current
Publication Date: 15 August 2019
Normative References (Required to achieve compliance to this standard): No other standards are normatively referenced
Informative References (Provided for Information): No other standards are informatively referenced
ICS: 03.100.70; 35.030; 35.040
Committee: IST/33/5
Publisher: BSI
Format: A4
Delivery: Yes
File Size: 0 KB
Price: £449.10

