ISO 27701 Consultancy

If you are looking to implement a PIMS (privacy information management system) or achieve certification to ISO 27701, then IT Governance can help you through every step of the process.

Speak to an expert

For expert advice on GDPR compliance, or implementing ISO 27701, please get in touch today.

Speak to one of our experts to discover how we can help your PIMS implementation and/or certification project.

What is ISO 27701 certification?

ISO 27701 certification gives you evidence or assurance that you have effective measures in place to protect the personal data your organisation controls or processes from errors, misuse, corruption and loss.

ISO/IEC 27701:2019 is an extension to the information security standard ISO/IEC 27001. If you are planning to obtain ISO 27701 certification, you will need to either already have ISO 27001 certification, or plan to certify to both standards during the same process.

ISO 27001 and ISO 27002 2022 updates

ISO/IEC 27001:2022 – the newest version of ISO 27001 – was published in October 2022.

Organisations that are certified to ISO/IEC 27001:2013 have a three-year transition period to make the necessary changes to their ISMS (information security management system).

For more information about ISO 27001:2022 and its companion standard, ISO 27002:2022, and what they mean for your organisation, please visit ISO 27001 and ISO 27002: 2022 updates

Download your copy of ISO 27001:2022 here

Download your copy of ISO 27002:2022 here

How to get certified to ISO 27701

The path to ISO 27701 certification starts with an assessment of your level of compliance. This involves reviewing existing data protection and information security policies, procedures and practices, including interviews with key members of staff. We will then help you implement an appropriate PIMS, and help you select and apply the appropriate controls for your business environment.

Certification to ISO 27701 will need to include certification to ISO 27001. If you do not yet have a valid ISO 27001 certificate, we will help you implement an ISMS (information security management system) as part of this process.

IT Governance is a leader in the field of ISO 27001, having helped more than 800 organisations prepare for certification in the past 15 years. With a range of affordable service options, we can help you achieve certification to both ISO 27001 and ISO 27701.

Find out more about our ISO 27001 certification services

Speak to an ISO 27701 expert today

Get in touch with one of our qualified data privacy/information security specialists for free practical advice and guidance on ISO 27701 consultancy.

Contact us

ISO 27701 consultancy services

Drawing on our practical data privacy and information security expertise, we can help you implement a totally integrated privacy/ information security management system with ease.

ISO 27701 gap analysis

This service provides a specialist review of your privacy information management activities against the requirements of ISO/IEC 27701:2019. It is suitable both for organisations preparing to implement the Standard and for those seeking an external examination of their activities. 

Get an accurate picture of your ISO 27701 compliance, and expert advice on how to scope your project and establish its resource requirements.

 Download the service description

Mentor and coach consultancy

With the ISO 27701 mentor and coaching service, an experienced privacy consultant will help you develop the necessary skills and expertise to manage data privacy while implementing a PIMS based on ISO 27701.

This service includes regular mentoring and coaching sessions with a qualified ISO 27701 and ISO 27001 implementation expert. Sessions are usually delivered in one- to three-hour sessions through a combination of online chat, telephone and other remote communication methods.

 Download the service description

The benefits of ISO 27701 certification

  • Meet the privacy and information security requirements of the GDPR (General Data Protection Regulation), DPA (Data Protection Act) 2018 and other data protection regimes.
  • Demonstrate that you have taken “appropriate technical and organisational measures” to protect your personal data in line with the GDPR’s accountability principle (Article 5(2)).
  • Identify and mitigate data privacy risks.
  • Instil a culture of data privacy awareness in your organisation.
PROTECT YOUR
BUSINESS
THIS WINTER