ISO 27701 – Privacy Information Management System Certification

ISO 27701 is a certification for Privacy Information Management Systems (PIMS), allowing organizations to demonstrate their adherence to robust privacy practices and compliance with data protection regulations. A certified ISO 27701 PIMS signifies that an organization has established and implemented effective measures to protect personal information, ensuring privacy rights are respected and data security is upheld.

How can you prove to your clients and stakeholders that you are the organization that they should work with?

By obtaining an ISO certification that affirms you are compliant with the world’s best-known practices and most widely used standards!

Benefits of ISO 27701 certification to your organization

  • Enhanced data protection and privacy controls.
  • Demonstrates compliance with privacy regulations such as GDPR, CCPA, etc.
  • Increased customer trust and confidence in handling personal data.
  • Minimization of data breaches and associated risks.
  • Improved management of third-party relationships related to data handling.
  • Competitive advantage in demonstrating commitment to privacy and security.
  • Streamlined processes for managing privacy risks and incidents.

Benefits of ISO 27701 certification to your customers

  • Assurance of strong privacy measures in place for their personal information.
  • Increased transparency and accountability in data processing.
  • Enhanced trust in the organization’s commitment to privacy protection.
  • Reduced risks of data misuse or unauthorized access.
  • Confidence in the organization’s ability to handle personal data responsibly and ethically.

Certification process

Documentation review

We will conduct a review of the Management System to look for the main form of documentation.

Audit

We perform an audit to verify that your organization is in conformity with the requirements of the standard.

Certification

Upon verifying that your organization is in conformity with the requirements of the standard, a Management System Certification is granted.

    Frequently Asked Questions

    Management Systems Certification cost depends on a range of factors such as: number of employees, number of locations, standard(s) being audited, economic activity. Based on this information, we determine the audit duration which is a pre-requisite for determining the cost.

    It depends on the outcome of the audit and the ability of the organization to respond to possible nonconformities raised during the audit. Under normal circumstances, the certificate may be issued within 2 weeks after the audit.

    There is no fixed duration for all audits; it depends on several factors, such as the standard against which the audit is going to be conducted; the size of the company (sites and number of employees within scope); the complexity of the management system; the industry in which the organization operates; whether the organization has previously been certified; etc.

    To maintain the certificate, your organization will be subject to two surveillance audits. The first surveillance audit will take place no later than 12 months from the initial audit. The second surveillance audit will take place no later than 12 months from the first surveillance audit.

    Year 1 – Initial Certification/Recertification
      |- Audit plan
      |- Stage 1 audit (remote documentation review)
      |- Stage 2 audit (on-site or remote, interviews)
      |- Addressing non-conformities
      |- Issuing the certificate (2 weeks after audit closing)
    Year 2 – First Surveillance audit
      |- Audit plan
      |- Surveillance audit (on-site or remote, interviews)
      |- Addressing non-conformities
    Year 3 – Second Surveillance audit
      |- Audit plan
      |- Surveillance audit (on-site or remote, interviews)
      |- Addressing non-conformities

    PECB Ukraine is the official representative in Ukraine for MSECB, a Management System Certification Body accredited by the International Accreditation Service (IAS) under ISO/IEC 17021 – Requirements for bodies providing audit and certification of management systems. Additionally, MSECB is an accredited Product Certification Agency under ISO/IEC 17065 – Requirements for bodies certifying products, processes, and services.

    Yes. Being accredited by IAS, which is part of the IAF MLA, gives our certificates global recognition.

    An MSECB Certificate is valid for three years, and it is subject to annual audits.

    If non-conformities are found during the audit, you are requested to provide root cause analysis, correction, and corrective actions to resolve the non-conformities. These must be reviewed, verified and accepted by the auditor.