risk3sixty white papers

ISO 27701:

The Path to Privacy Program Certification and Implementation

ISO 27701 Path to Privacy Program Certification (Part 1)

Overview

Absent an official GDPR certification, companies have scraped by with a gamut of costly due diligence questionnaires, customer audits, and stringent data protection addenda (DPAs) in an attempt to gain at least minimum comfort that their company, vendors, and business partners are meeting the requirements spelled out by GDPR. These efforts have left a looming question for all affected companies.

When will there be a GDPR certification?

ISO 27701 not only fills the void as a potential GDPR certification, but provides much more by requiring companies to adhere to the ISO 27001 information security standards. ISO 27701 combines security and privacy in one comprehensive certification. In this white paper, we will discuss the ISO 27701 framework, implementation methodology, required documents, and relevance to GDPR. Detailed mappings of Clauses 5, 6, 7, and 8 to existing standards are included as appendices.

This Whitepaper Series Includes:

  • Part 1: Will present a business case which outlines why organizations should consider ISO 27701 certification from a business perspective
  • Part 2: Will cover the essential elements of the ISO 27701 Framework (This Whitepaper)
  • Part 3: Will cover the ISO 27701 certification process from start to finish

Team Specialist

Phil Brudney

Director

Philip leads Security, Privacy, and Compliance research and quality assurance at risk3sixty. He oversees privacy and attestation reporting and is the co-quality assurance manager for the assurance practice, where he is responsible for ensuring each engagement meets risk3sixty’s rigorous quality standards in line with AICPA requirements. Phil leads development and peer review of thought leadership, research, and whitepapers. In addition, Phil acts as the Data Protection Officer (DPO) for a wide array of US-based firms facing GDPR compliance.
