ISO/IEC TS 27006-2:2021

Requirements for bodies providing audit and certification of information security management systems — Part 2: Privacy information management systems ISO/IEC TS 27006-2:2021

Publication date:   Feb 26, 2021

General information

90.92 Standard to be revised   Apr 19, 2021


ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

Technical Specification

35.030   IT Security | 03.120.20   Product and company certification. Conformity assessment



Language in which you want to receive the document.


This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing PIMS certification.
The requirements contained in this document need to be demonstrated in terms of competence and reliability by anybody providing PIMS certification, and the guidance contained in this document provides additional interpretation of these requirements for any body providing PIMS certification.
NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

Life cycle


ISO/IEC TS 27006-2:2021
90.92 Standard to be revised
Apr 19, 2021


ISO/IEC DIS 27006-2