ISO 27701 Gap Analysis Tool

Achieve full compliance with ISO 27701:2019

The ISO 27701 Gap Analysis Tool has been created to help organisations identify whether they are meeting the requirements of the Standard and where they are falling short. Note that this tool assumes that you have a complete and functioning ISO 27001:2013 ISMS (information security management system).

It helps organisations prioritise work areas in order to expand an existing ISMS to take account of privacy. It also gives organisations direction, helping project managers identify where to start.

What does the tool do?

• Lists all the clauses and controls in ISO 27701:2019 that modify the requirements of ISO 27001 and for a PIMS (personal information management system). As such, the organisation will need an ISMS that conforms to ISO 27001:2013 in order to use this tool to assess compliance with ISO 27701.
• Contains a set of sample audit questions.
• Provides a clear, colour-coded report on the state of compliance.
• The executive summary displays the results of compliance in a clear table so that you can report on your results and measure the closure of gaps. 

The tool is designed to work in any Microsoft environment. It does not need to be installed like software, and it does not depend on complex databases; it relies on human involvement.