Quick Search

Certification Services

ISO/IEC 27701 Privacy Information Management


With the increased popularity of e-commerce and online electronic payments, massive amounts of data are generated every day. In response to public concerns over data leaks, authorities around the world are implementing regulations to secure private information. 

ISO/IEC 27701 provides guidance for organisations on how to implement various controls for identifying and mitigating  risk when processing and/or controlling personal identifiable information. By fulfilling the requirements of the Standard, organisations demonstrate their ability to handle privacy information and have controls in place in regards the relevant privacy regulatory requirements, such as the General Data Protection Regulation (“GDPR”) in the European Union and the Personal Data (Privacy) Ordinance (“PDPO”) in Hong Kong.


Certification Standard

ISO/IEC 27701 specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002. The Standard specifies PIMS-related requirements and provides guidance for PII controllers and PII processors who are responsible  and accountable for PII processing. It is applicable to all types and sizes of organisation, as long as they are PII controllers and/ or PII processors processing PII within an ISMS.


Benefits of Certification

  • Strengthens customers’ trust in the organisation’s ability to handle privacy information
  • Provides transparency for stakeholders by helping to clarify their roles and responsibilities
  • Showcases the organisation’s ability to establish controls to address the privacy regulatory requirements such as GDPR and PDPO
  • Helps organisations to identify and mitigate risk more effectively by implementing rigorous privacy controls









Apply Enquiry Request Quotation Terms & Condition


Last Update: 2024-06-13   Disclaimer and Copyright
Copyright © 2009 Hong Kong Quality Assurance Agency. All rights reserved.