What is the best approach to adopt in an attempt to establish an effective PIMS based on ISO 27001 and ISO 27018, and perhaps consider ISO 27701?
Please note that ISO 27701 is based on ISO 27001, adding specific requirements related to the protection of private information, so ISO 27701 would be the best approach for a PIMS.
Regarding ISO 27018, you need to consider this supporting standard only if you have specific requirements regarding the protection of information in the cloud (ISO 27701, like ISO 27001, has enough controls for overall protection of information in cloud environments).
These articles will provide you with a further explanation of ISO 27001, ISO 27018, and ISO 27701:
- Relationship between ISO 27701, ISO 27001, and ISO 27002 https://advisera.com/27001academy/blog/2019/12/10/relationship-between-iso-27701-iso-27001-and-iso-27002/
- ISO 27001 vs. ISO 27018 – Standard for protecting privacy in the cloud https://advisera.com/27001academy/blog/2015/11/16/iso-27001-vs-iso-27018-standard-for-protecting-privacy-in-the-cloud/
Oct 30, 2020