ISO/IEC 27701:2019
ISO/IEC 27701:2019 Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management
ISO/IEC 27701:2019 was created to complement the widely used ISO/IEC 27001:2022 and ISO/IEC 27002:2022 Information Security Management standards.
This recently published standard offers guidance for businesses wishing to set up infrastructure to support compliance with the General Data Protection Regulation (GDPR) and other data privacy regulations.
ISO/IEC 27701:2019, also known as the Privacy Information Management System (PIMS), provides a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data privacy.
For organizations that must comply with the General Data Protection Regulation (GDPR), ISO/IEC 27701:2019 establishes a strong integration point for coordinating security and privacy controls. This integration is achieved through a framework for managing personal data that can be used by both data controllers and data processors.
What is ISO/IEC 27701:2019?
ISO/IEC 27701:2019 is a privacy extension to the ISO/IEC 27001:2013 Information Security Management and ISO/IEC 27002:2013 Security Controls Standards. It provides guidance on the protection of privacy, including how organizations should manage personal information, and assists in demonstrating compliance with privacy regulations around the world.
ISO/IEC 27701:2019 specifies requirements and provides guidance for establishing, implementing, maintaining, and continually improving a Privacy Information Management System (PIMS). It specifies PIMS-related requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing.
What are the Benefits of Implementing ISO/IEC 27701:2019?
- Clarifies roles and responsibilities,
- Supports compliance with privacy regulations,
- Provides transparency for interested parties,
- Builds trust in managing any personal information kept,
- Assists with effective business agreements,
- Can be easily integrated with ISO/IEC 27001:2013,
- Strategic governance, and
- Privacy compliance.
What are the benefits of implementing ISO 21500:2021?
The benefits of ISO 21500:2021 certification include, but are not limited to:
- Mastering project management skills.
- Improving project delivery.
- Providing shared project management processes and principles.
- Transparent and improved decision-making.
- Helping to unify the profession by building a common language and standard processes.
- Improved performance reviews.
- Increased self-esteem.
Standards can be used to streamline the internal processes of your organisation, for example by reducing the time needed to perform specific activities by various business functions, decreasing waste, reducing procurement costs, and increasing productivity.
How do I implement ISO/IEC 27701:2019 in an organisation?
ISO Consulting & Implementation:
We have a range of professional consultants, engineers, and registered auditors to assist in implementing and maintaining any ISO management system. Our industry expertise includes services, telecommunication, manufacturing, construction, engineering services, fast-moving consumer goods, mining, power generation, state-owned companies, and government-run organisations. A good consultant takes the time to truly understand the processes of your company. Therefore, they can approach the implementation of ISO requirements accordingly. The cost of hiring a consultant and the time spent to implement your ISO management system will definitely pay off in the long run.
WWISE has a 4-Phase Approach:
- Phase 1: Gap Analysis Audit and Information Gathering
- Phase 2: ISO Documentation, Risk Assessment, and Process Mapping
- Phase 3: Implementation and Coaching
- Phase 4: Certification
WWISE provides a turnkey solution which includes templates, 1-on-1 coaching, on-the-job training, and mentorship. As a consulting firm, we do not provide certification services. However, we will guide you through the certification process and ensure that your business becomes certified.
Why Choose WWISE to Assist your Organisation:
Certification Process:
An organisation can get certified to a requirement standard. You can implement the standard and get certified by a third party.