ISO/IEC 27701:2025

Information security, cybersecurity and privacy protection — Privacy information management systems — Requirements and guidance

Publication date: Oct 14, 2025

General information

Current stage: 60.60 Effective date: Oct 14, 2025

Originator: ISO/IEC

Owner: ISO/IEC JTC 1/SC 27

Type: International Standard

ICS: 35.030

Languages: English French

Buying

Status: Published

PDF

Paper

PDF and Paper

Language

Language in which you want to receive the document.

Scope

This document specifies requirements for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS).
Guidance is also provided to assist in the implementation of the requirements in this document.
This document is intended for personally identifiable information (PII) controllers and PII processors holding responsibility and accountability for PII processing.
This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations.

Life cycle

PREVIOUSLY

WITHDRAWN
ISO/IEC 27701:2019

NOW

PUBLISHED
ISO/IEC 27701:2025
60.60 Standard published
Oct 14, 2025

National adoptions

dnaSRPS EN ISO/IEC 27701:2025

ISS

Information security, cybersecurity and privacy protection - Privacy information management systems - Requirements and guidance (ISO/IEC 27701:2025)

50.60 Close of voting. Proof returned by secretariat

I224 more