Once you have familiarised yourself with the requirements, you’re ready to begin implementing ISO/IEC 27701 and show you take protecting personal information seriously.

Here are our top tips for successful ISO/IEC 27701 implementation:

• Secure commitment across your organization, including your leadership team, employees and supply chain
• Regularly engage with your leadership team and key stakeholders
• Clearly define your role as a data processor, controller or both
• Compare your existing privacy processes and controls with ISO/IEC 27701 requirements
• Get supply chain and stakeholder feedback on your current privacy processes and controls
• Establish an implementation team to get the best results
• Map out and share roles, responsibilities and timescales
• Adapt the basic principles of the ISO/IEC 27701 standard to your organization
• Motivate and support your staff through training courses
• Create a more consistent approach throughout the data processing supply chain by encouraging others to implement ISO/IEC 27701
• Consider BSI software to help capture and manage your ISO/IEC 27701 audits, findings, incidents and risks more effectively
• Regularly review your ISO/IEC 27701 system to make sure it remains effective and that you are continually improving it

Develop the knowledge and skills required to implement ISO/IEC 27701, understand what your organization will need to do and share ideas and experiences with your peers at our BSI Implementing ISO/IEC 27701 course.

Once you have implemented the requirements you are ready to begin the certification process for ISO/IEC 27701.