What is ISO 27701?
This is a newly established standard to help organisations implement and develop an Information Security around Personally Identifiable Information (PII). It is intended to be used in conjunction with ISO 27001 to specifically address security controls around PII, both for Data Controllers and processors. This standard provides an additional set of controls to be followed by Data Controllers and Data Processors.
We have ISO 27001, why do we need ISO27701?
Enhancing your existing management system established under ISO 27001 is clearly a choice based on business and customer needs. Whilst ISO 27001 is an excellent standard to prove compliance to information security best practices, its controls are fairly generic and by their nature do not focus in any detail on specific aspects of security. ISO 27701 addresses the gap between the existing controls and the requirements of the latest Data Protection and GDPR requirements.
Essentially, it will enable your business to communicate to the world that you have taken PII security to heart and are working on best practice controls to reduce and mitigate risks associated with non-compliance with data protection laws.
Do we need this if we have BS 10012?
If you already have certification to BS 10012 consideration should be given to transitioning your certification to ISO 27701 as the international standard is more aligned to your existing ISO 27001. Our experience has shown that the step between the two standards is very small and the transition is relatively easy if your management system under BS 10012 is healthy.
How can ISO 27701 Certification help win more Tenders?
In a variety of industries, ISO 27701 certification is now a very common demand during the PQQ (Pre-Qualifying Questionnaire) stage of the tendering process.
It can be challenging to successfully structure, format, and communicate in your tendering application document how your company manages it’s information security in relation to Personally Identifiable Information (PII).
Achieving ISO 27701 Certification means your business will now have a well-documented management system that has been implemented and executed. Having these policies and procedures in place now means that the majority of the responses to tendering questions will be easily accessible.
How we can help
Blackmores specialise in helping you to implement and maintain your ISO 27701 Privacy Information Management System across London, Hertfordshire and Bedfordshire, and UK-wide. We can also assist with international locations, having experience of working in 27 other countries.
Conduct a Gap Analysis – To help establish your strengths and weaknesses.
ISO 27701 isologists® – We have a skilled team of consultants to help you implement a Management System. From London to the UAE, we have experience working internationally across many sectors.
Internal Audits – We can help you to plan and conduct Internal Audits to verify your compliance with ISO 27701.
On-Site Support – We can provide support during External Audits carried out by Certification Bodies.
Request a quote for Certification – We can send a request for a quote to 3 UKAS certified Certification Bodies on your behalf. This is done free of charge on request.
Need assistance with ISO 27701, simply Contact Us.
We also have a short podcast episode about ISO 27701 available to watch Here.
ISO 27701 Videos
Download the ISO Standards Blueprint
A step-by-step checklist for getting ISO certified
What our clients have to say
The support and advise I get from our assigned auditors is immense. Forward planning for the following year is great and they are flexible and always willing to help.
“Blackmores have assisted us almost since the start of our adoption of the ISO 9001 quality standard. Their input has improved our processes since the start, and enabled our goal of continuous improvement to be achieved. The people are also extremely easy to get on with, and they really understand our business, giving us a great deal of confidence in their advice.”
“Blackmores are the perfect bridge between working on your ISO as an individual or company, to being audited each year. We find that any queries we have are covered and we feel sure that we have everything as needs be before going into an external audit.”
“We have been extremely impressed with the service and support provided by Blackmores. There knowledge and assistance through out our ISO journey has been amazing!”
“Blackmores have really kept us on our toes with the broad scope and level of detail they apply to our internal audit schedule. They always stay abreast of ISO standard changes and help us to adapt our processes and documents to embrace these changes accordingly. Having Blackmores shadow our external audits provides invaluable confidence and peace of mind – would highly recommend their services!”
“Our ISO 27001 certification project has gone so well, that there was no doubt in who we were going to ask to help us with our aspirations of becoming ISO 14001 certified. It’s been an absolute pleasure working with Blackmores, and we are really looking forward to working with them for the foreseeable future.”
Our 7 Steps to Success
The Blackmores ISO Roadmap is a proven path to go from idea to launching your ISO Management System.
Whether you choose to work with one of our isologist consultants or work your own way through the process on our isology Hub, we’re certain you’ll achieve certification in no time!