This course covers the privacy information management system based on ISO/IEC 27701:2013 in detail, including references from ISO 27001 and 27002. It explains how ISO 27701 can help protect personal information and support compliance with privacy laws and regulations without being tied to a specific law or regulation, and why it serves as a reference for any privacy information management system regardless of the organization's size, the applicable laws and regulations, or the segment in which it operates.
ISO 27701 is an extension of ISO 27001 (information security management) and of ISO 27002, which focuses on security controls. It is an international standard that provides guidance on protecting privacy, including how organizations should manage personal information and how they can demonstrate compliance with privacy regulations around the world.
ISO 27701 applies to all types and sizes of organizations, including public and private, governmental, and non-profit entities. It guides those who are responsible for processing personal information through the use of the information security management system.
ISO 27701 is another successful project of ISO/IEC, and brings numerous benefits to your organization:
Builds confidence in personal information management
Provides transparency to interested parties
Facilitates business agreements
Clarifies roles and responsibilities
Supports compliance with privacy laws and regulations