The International Organization for Standardization (ISO) published the ISO/IEC 27701:2019 (ISO 27701) standard, the first publication to address international data privacy, five months ahead of the original review schedule. It outlines the requirements for implementing an organizational program – known as a Privacy Information Management System (PIMS) – to govern the handling of personally identifiable information (PII).
ISO 27701 is the first ISO standard that references an external framework or publication not actually developed by ISO, in this case the GDPR. However, despite the GDPR being in effect for more than a year, there has been no certification standard adopted for the purpose of compliance audits.
In this webinar, we will review how ISO 27701 aligns with the GDPR, and the possibility and ramifications of its use as a certification mechanism that could give organizations a method to objectively demonstrate conformity to the GDPR through third-party audits.
Key takeaways
- Introduction to the first international standard for the protection of PII
- Overview of the PIMS
- Certification process and requirements
- Reception and expected adoption of the standard
- How the standard aligns with existing privacy laws and regulations
- How to transition from an ISO 27001 Information Security Management System (ISMS) to a PIMS under an integrated model for quick deployment at minimal cost