prEN ISO/IEC 27701

Information security, cybersecurity and privacy protection - Privacy information management systems - Requirements and guidance (ISO/IEC DIS 27701:2024)

Scope

This document specifies requirements for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS).
Guidance is provided to assist in the implementation of the controls in this document.
This document is intended for PII controllers and PII processors holding responsibility and accountability for PII processing.
This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations.