This document specifies refinements for an application of EN ISO/IEC 27701 in a European context.
This document is applicable to the same entities as is ISO/IEC 27701: all types and sizes of organizations, including public and private
companies, government entities and not-for-profit organizations, which are PII controllers and/or PII processors.
An organization can use this document for the implementation of the generic requirements and controls of EN ISO/IEC 27701
according to its context and its applicable obligations.
Certification criteria based on these refinements can provide a certification model under ISO/IEC 17065 for processing operations
performed within the scope of a privacy information management system according to EN ISO/IEC 27701, which can be combined
with certification requirements for EN ISO/IEC 27701 under ISO/IEC 17021.
Registration number (WIID)
81466