ISO 27701 Overview

ISO 27701 – 2019 is the certification standard for privacy information management system (PIMS).
By getting certified you can show certification of your privacy compliance processes as per international best practices.
In Coral, we have successfully implemented PIMS-IS 27701-2019 for our clients, using a 7-phase methodology.
ISO 27701 has nearly 264 individual requirements, not all of which may be applicable if you are either a controller or a processor. If you are both, then all would perhaps apply, however the best option would be to conduct a gap analysis first to determine those that apply.
Contact us so we can get the conversation started.

Start your Privacy Management Journey Now!

Our ISO 27701 - 2019 Consulting Methodology has the following broad phases

We bring our world-class experience in delivery BCMS ISO 27701 - 2019 implementation leading to successful certification.

Phase I – Information Flow Assessment

This phase involves identification of information sources, and is processing infrastructure that involves personnel, technology, physical infrastructure.

Phase II – Gap Analysis

This phase involves performing privacy impact assessment and security risk assessment to determine security and legal loopholes. Identified gaps are provided with detail recommendations.

Phase III – Control Design and Documentation

This phase involves our methodology that involves distribution security responsibility to internal stakeholders, with control policies and transactions that ensures that the PIMS is well embedded in the organisation processes. This also includes nomination of a data protection officer and creating data protection office, for the organisation. In a typical engagement organisation receives 25+ policies and procedures.