ISO 27701 Overview

ISO 27701:2019 is an extension of ISO 27001 that sets out the requirements and guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS). It provides guidance for your Personally Identifiable Information (PII) controllers and processors who hold the responsibility and accountability for the processing of personally identifiable information. It is applicable to all types and sizes of organisations, including public and private companies, government entities and not-for-profit organisations.


How can UICS help?

There are two ways we can help depending on whether or not you are currently certified:

  1. Certification preparation. For those not certified, our ISO 27701 consultant will start with a detailed gap analysis to understand your processes and see how far they are from the standards required for certification. Once these gaps are identified, the consultant will work with you to get them filled in a way that works for your business. You will then be ready for certification.

  2. Internal Audits. For those already certified, our ISO 27701 auditor will work with you to gather all the relevant information on how your business is currently operating. They will then evaluate it to establish your current compliance level against ISO 27701. The auditor will work towards the ultimate question: are you still adhering to the standard? The answer to this question decides what we can do next.


 

6 Benefits of Hiring an ISO 27701 Consultant

  1. It’s our day job, so we hit the ground running. We know exactly where to start and what we need. This speeds up getting you certification ready.

  2. You hire us to do one job and one job only. There are no distractions, no ‘just jobs’ that need doing quickly. No meetings to attend. When you hire us we will not stop until you are certification ready. Your employees can focus on their own jobs and nothing falls behind. 

  3. We save you time and money. The above two points are the time savers and by saving time, we save you money. Who doesn't want that? 

  4. We are independent, impartial and objective. This is something that can prove difficult when using employees. It’s possible, of course, but can prove difficult. We know what standards you need to test against and how you need to do it. If we think parts of your business aren't quite there or more work is needed, we won't hesitate to let you know.

  5. Knowledge. We are on hand to answer any question you have about ISO standards and certification. Arguably so is Google, but can Google answer the question in relation to your specific business? Does it know what your circumstances are? Does it know where you see yourselves in 5 years' time? Consultants add that personal touch.

  6. Experience. Our consultants have dealt with a wealth of businesses large and small. They’ve seen things work well and others, not so much. They bring this to the table.

 

Benefits of ISO 27701

We’ve all heard of GDPR and the Data Protection Act. These set out a requirement for all organisations to ensure the privacy of all personal data they process. Unfortunately, they do not give much guidance on what this should look like. That is where ISO 27701 comes in and why it is incredibly beneficial for your organisation if you handle such information.

ISO 27701 also has the added bonus of building trust with clients and customers, as they know personal information is handled to the international standard. The reputational damage associated with the mishandling of personal information is huge. The importance of ensuring your business has the system in place to limit such issues cannot be overstated.


Contact Us Today

Get in touch to book your free, no-obligation review and quote with an ISO 27701 consultant.