ISO/IEC 27706

Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of privacy information management systems

General information

Current stage: 60.00 Effective date: Feb 22, 2025

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27

Type: International Standard

Scope

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006. It is primarily intended to support the accreditation of certification bodies providing PIMS certification.
The requirements contained in this document need to be demonstrated in terms of competence and reliability by any body providing PIMS certification, and the guidance contained in this document provides additional interpretation of these requirements for any body providing PIMS certification.
NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

Life cycle

PREVIOUSLY

PUBLISHED
ISO/IEC TS 27006-2:2021

NOW

PROJECT
ISO/IEC 27706
60.00 Standard under publication
Feb 22, 2025

National adoptions

dnaSRPS EN ISO/IEC 27706:2024

ISS

Information technology, cybersecurity and privacy protection - Requirements for bodies providing audit and certification of privacy information management systems (ISO/IEC FDIS 27706:2024)

50.60 Close of voting. Proof returned by secretariat

I224 more