Upgrade your information security with ISO 27701


ISO 27701 was introduced in 2019 as an extension to the Information Security Management Standard, ISO 27001, and it is now available from us here at QMS.

Protecting personal information has become a key priority for businesses that create, collect or process it. Everyone now has the right to decide who keeps their personal information and how it is used, and businesses, therefore, have a duty to use it correctly and keep it safe.

As a result, this new ISO goes deeper into the protection of personal information, introducing systems that can help a business to control, process and manage the handling of personal data.

It also builds a framework of processes that can help a business to stay compliant with stringent privacy laws, such as the EU-wide GDPR (General Data Protection Regulation), helping you to avoid costly fines for breaches.

How can ISO 27701 help my business?

ISO 27701 adds another layer to the Information Security Management Standard, ISO 27001. It is specifically focused on personal information or PII (personally identifiable information) and is an excellent way of demonstrating that your business knows how to protect personal information and handle it safely.

This will inspire confidence among your staff, suppliers, contractors and customers, building your company reputation and giving you an advantage in new business tenders.

Setting up the necessary processes to comply with the Standard will also help your business to comply with privacy legislation, such as the GDPR or the DPA 2018 (Data Protection Act).

As an internationally recognised Standard, ISO 27701 means that your business can be made compliant with the laws and regulations of any geographical location, a definite advantage if your business has dealings beyond the shores of the UK.

You can find out more about the benefits of ISO 27701 by reading our dedicated webpage.

How do I get ISO 27701?

To implement ISO 27701, you will need to have ISO 27001. This is because the Standards are designed to work together to create a Privacy Information Management System (PIMS).

If you have a pre-existing ISO 27001, you can ‘bolt on’ ISO 27701, which will make the process a little faster as the essential framework is already in place.

However, if you do not currently have ISO 27001, you will need to implement it at the same time in order to achieve ISO 27701. This will strengthen all of your information security systems and give you robust processes for maintaining information security.

At QMS we can offer both ISO 27001 and ISO 27701 as an integrated product. Our expert consultants can assess and audit your business for both Standards at the same time to avoid unnecessary complexity.

We can also offer ISO 27701 to our clients who have an ISO 27001 management system created by us. If your system was created by yourself or by another accredited body, we will assess your business on a case-by-case basis.

To get an idea of the cost, you can get an instant quote using our free calculator tool.

Find out more about ISO 27701

If you would like to find out more about ISO 27701, feel free to get in touch with us. You can call us on 0333 344 3646 or drop us an email at sales@qmsuk.com.

About the author

  • Name: Claire Price

  • Company: Content Marketing Executive

  • Bio: Claire has worked for QMS since 2020 writing creative and informative content on ISO certification and consultation to help businesses reach their potential.

