ISO 27701 Privacy of Personally Identifiable Information

Implement, manage and maintain all requirements required by ISO 27701 in an automated manner

Discover our PII software

With GlobalSUITE® you can implement the requirements to manage, manage data and protect the privacy of personally identifiable information (PII) without the need to develop a new management system. The platform is designed to allow the addition of industry-specific requirements by complementing the requirements and controls established by the ISO 27001 standard and the ISO 27002 Best Practice Guide

Processing of personal information

The processing of personal information is not something new today, but it is the exponential use that is being given due to the need for exchange between departments of the same company or more if possible, between different organizations for the correct provision of services, which makes it necessary to verify that this information is properly managed and protected by a Privacy Information Management System (PIMS),in accordance with country-specific legislation and regulations.

"Paperless" management systems

It allows the implementation of the entire WITHOUT Papers system,since everything is registered on the platform and has a document manager that will help you to manage all the documentation inherent in the Data Protection Regulations and with full traceability of all actions performed.

Request a demo

Features

Risk Identification

Guidance of services and processes through asset inventory. Configuration of dimensions and valuation levels.

Risk Management

Catalogue of configurable controls and summary of them, management settings, risk reassessment, parameterizable questionnaires.

Risk Analysis

Parameterization of probability and impact, risk assessment, cost analysis, asset threats and configurable.

Risk Assessment

Definition of acceptable risk, acceptable risk levels, risk listing, risk map, simultaneous or dependent risks.

SGSI processes

It allows to manage the proposal of indicators, Differential Analysis, Declaration of Applicability, capacity management, management of changes and acquisitions, etc.

Continuity, Capacity and Training Plans

It allows you to track a history of each plan and assign metrics for tracking.

Integration with Power BI

It exploits GlobalSUITE data to the maximum® by making an executive dashboard in a Business Intelligence tool such as PowerBI.

Documentary Manager

It allows the control of all the documentation, in different formats, to support the management of the continuity of the company.

Balanced Scorecard

The comprehensive dashboard enables the management and strategic control of the organization through different metrics and indicators.

ISO 27001 + ISO 27701 Integrated security and privacy model

Watch video

The solution at a glance

Thanks to GlobalSUITE’s integrated approach®, the solution’s foundation can be leveraged to grow with the different modules and tools that make up the platform, thereby taking advantage of synergies and corresponding cost and time savings. The platform can be licensed in an integrated form or separately from each of its products.

Product sheet

Request a demo

Our customers get more than software

No results found.

World-class companies and organizations already trust us

Information privacy consulting

Do you know how you need to extend the requirements of ISO 27001 and ISO 27002 to take cloud privacy protection into account?

Reference consulting

Thanks to the experience in our consulting and auditing services of ISO 27001 and ISO 27002 in all types of organizations and sectors of activity we will work on the execution of a consultancy to ensure that your company takes into account the protection of the potentially affected by the processing and processing of personal information.

Our Team

Our team has more than 15 years of experience and consists of: Lawyers and Engineers Lead Auditor, ISO 27001, ISO 20000, ISO 22301, Lead Implementer. CERTIFICATION of DPD CISA, CISM, CGEIT, CRISC PMP, ITIL, CDPP, COBIT 5 Foundations

ISO 27701 refers to the data protection legislation in force in the country where it is implemented, which is an ideal basis for all those organizations that want to provide a trust in their customers, supported by a process of continuous improvement and transparency of their processes and procedures, as it is estimated that this standard can cover future certifications associated with the General Data Protection Regulation (GDPR) as it is a certifiable standard associated with ISO 27001.

In a more detailed way ISO 27701 extends the requirements of ISO 27001 and ISO 27002 to take into account the protection of privacy, potentially affected by the processing and processing of personal information, in the following sections:

Clause 5: The requirements set out in this section are traceable with paragraphs 4 to 10 of ISO 27001, extending the requirements on information protection specifically for paragraph 4 on the organizational context and paragraph 6 planning for risk management, not providing additional needs in the rest of the paragraphs.
Clause 6: This section extends the requirements set out in the ISO 27002 Good Practice Guide and the controls set out in Annex A to ISO 27001, reviewing the 114 controls and extending the requirements on the protection of information in controls domains 5 through 18, with the exception of domain 17 (Information Security in Business Continuity) where no additional measures are established to existing ones.
Clause 7: Determines additional controls and implementation guidance for Personally Identifiable Information (PII) owners. These controls must not be implemented in their entirety, but their applicability or exclusion must be duly justified.
Clause 8: Similar to the requirements of clause 7, this section establishes additional controls and an implementation recommendation for those responsible for processing personal information of contracted third parties, also taking into account whether they, in turn, outsource services.

The standard is intended to be used by all types of organizations, regardless of their size, complexity or the country in which they operate.

Our role in carrying out the Consulting of your organization for the implementation, management and maintenance of all the requirements required by ISO 27701 in its sector of action.

''We adapt your organization to the new ISO 27701 standard to obtain successful certification''

Let’s start a new project together

Más información

Cookie	Duration	Description
_GRECAPTCHA	5 months 27 days	This cookie is set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_dc_gtm_UA-965325-8	1 minute	No description
afl_wc_utm_cookie_expiry	3 months	No description available.
afl_wc_utm_sess_landing	3 months	No description available.
afl_wc_utm_sess_visit	3 months	No description available.
AnalyticsSyncHistory	1 month	No description
bridge_sid_Xy0yMDM3OTQ4Nzkz	2 hours	No description
bridge_uid_Xy0yMDM3OTQ4Nzkz	1 year	No description
li_gc	2 years	No description
oribi_cookie_test	session	No description
oribi_session	2 hours	No description available.
oribi_user_guid	1 year	No description available.
prism_224354013	1 month	No description
TS01ad8345	session	No description
UserMatchHistory	1 month	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	These cookies are set via embedded youtube-videos.
yt.innertube::requests	never	These cookies are set via embedded youtube-videos.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_XWPV7VHQKR	2 years	This cookie is installed by Google Analytics.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	No description available.
_hjFirstSeen	30 minutes	This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	1 year	This is a Hotjar cookie that is set when the customer first lands on a page using the Hotjar script.
_hjIncludedInPageviewSample	2 minutes	No description available.
_hjTLDTest	session	No description available.
CONSENT	16 years 3 months 17 days 8 hours 11 minutes	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.

Cookie	Duration	Description
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.

Discover our PII software

No results found.

Information privacy consulting

What is ISO 27701 and what does it bring to your company?

Structure of the standard

Destination of the standard

Working methodology