What is ISO 27701 certification?
ISO 27701 certification gives you evidence or assurance that you have effective measures in place to protect the personal data your organisation controls or processes from errors, misuse, corruption and loss.
ISO/IEC 27701:2019 is an extension to the information security standard ISO/IEC 27001. If you are planning to obtain ISO 27701 certification, you will need to either already have ISO 27001 certification, or plan to certify to both standards during the same process.
ISO 27001 and ISO 27002 2022 updates
ISO/IEC 27001:2022 – the newest version of ISO 27001 – was published in October 2022.
Organisations that are certified to ISO/IEC 27001:2013 have a three-year transition period to make the necessary changes to their ISMS (information security management system).
For more information about ISO 27001:2022 and its companion standard, ISO 27002:2022, and what they mean for your organisation, please visit ISO 27001 and ISO 27002: 2022 updates
Download your copy of ISO 27001:2022 here
Download your copy of ISO 27002:2022 here
How to get certified to ISO 27701
The path to ISO 27701 certification starts with an assessment of your level of compliance. This involves reviewing existing data protection and information security policies, procedures and practices, including interviews with key members of staff. We will then help you implement an appropriate PIMS, and help you select and apply the appropriate controls for your business environment.
Certification to ISO 27701 will need to include certification to ISO 27001. If you do not yet have a valid ISO 27001 certificate, we will help you implement an ISMS (information security management system) as part of this process.
IT Governance is a leader in the field of ISO 27001, having helped more than 800 organisations prepare for certification in the past 15 years. With a range of affordable service options, we can help you achieve certification to both ISO 27001 and ISO 27701.
Find out more about our ISO 27001 certification services
Speak to an ISO 27701 expert today
Get in touch with one of our qualified data privacy/information security specialists for free practical advice and guidance on ISO 27701 consultancy.
ISO 27701 consultancy services
Drawing on our practical data privacy and information security expertise, we can help you implement a totally integrated privacy/ information security management system with ease.
ISO 27701 gap analysis
This service provides a specialist review of your privacy information management activities against the requirements of ISO/IEC 27701:2019. It is suitable both for organisations preparing to implement the Standard and for those seeking an external examination of their activities.
Get an accurate picture of your ISO 27701 compliance, and expert advice on how to scope your project and establish its resource requirements.
Download the service description
Mentor and coach consultancy
With the ISO 27701 mentor and coaching service, an experienced privacy consultant will help you develop the necessary skills and expertise to manage data privacy while implementing a PIMS based on ISO 27701.
This service includes regular mentoring and coaching sessions with a qualified ISO 27701 and ISO 27001 implementation expert. Sessions are usually delivered in one- to three-hour sessions through a combination of online chat, telephone and other remote communication methods.
Download the service description