National Standards Authority of Ireland New Standards Shop

Buy Irish Standards Online

Skip to content

I.S. EN ISO/IEC 27701:2021 Security Techniques for Privacy Information Management System (PIMS) is a privacy extension of ISO/IEC 27001 Information Security Management and ISO/IEC 27002 Information Security Controls.

PIMS outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data privacy.


  •  Annex B introduces 31 additional controls for PII controllers and 18 additional controls for PII processors.
  • Support compliance with GDPR and other data protection regulations.
  • Clarifies roles and responsibilities.
  • Builds trust in clients and stakeholders for managing personal information securely.
  • Enables you to meet the highest standards of responsibility and transparency in the processing of personal information.
  • Identify and mitigate risk by implementing rigorous privacy controls.