Personal data security in place
ISO 27701 certification
What is ISO 27701?
The additional standard ISO 27701 focuses on the protection of personal data and became available worldwide in September 2019. It is an international standard that allows an organisation to take measures for the protection of personal data within its existing ISMS (based on ISO 27001).
ISO 27701 certification
Because ISO 27701 complements ISO 27001, it is possible to get certified for it. Do you and your organisation meet all the set standards and requirements? Then you will receive an internationally recognised certificate. With this certificate, you can show your (future) customers that your organisation has its personal data protection in order.
Personal data protection in order with Base27
ISO 27701 implementation
The official ISO 27701 supplement is available in English. However, a Dutch translation has been developed in cooperation with Procis and made available for use in our ISMS programme Base27.
Are you using Base27? Then you can get started right away to easily implement the additional standard.
Because ISO 27701 is numbered differently from ISO 27001, you frequently have to switch between the two standards during implementation, which is cumbersome. In Base27, the reference to ISO 27001 is included directly alongside each ISO 27701 item, so you have the necessary information conveniently together.
ISO 27701 vs. GDPR
ISO 27001 plus 27701 certification is not equivalent to a GDPR certification. The 27XXX standards cover a management system (in accordance with ISO 17021), whereas a GDPR certification, by definition, certifies a single product or service, or a group of products or services. Thus, a GDPR certification does not cover the entire organisation.
The GDPR is more specific in terms of completing the processing register, Data Protection Impact Assessments (DPIAs) and Data Protection Officers (DPOs). ISO 27701 is thus drafted in more general terms, so an organisation that wants to comply with the GDPR must take this into account.
Our solution: Base27
Axxemble's goal is to support small and medium-sized enterprises in a smart and, above all, practical way to ensure adequate information security. With our in-house framework, SMEs can quickly and easily define their own policies and start the risk management process for information security.
We have brought all this together in our online software tool Base27. The software provides support in the form of a portal for employees where they can find all the necessary information. They also stay up to date with new developments through this portal. Base27 is the beating heart for performing risk analyses, realising the treatment plan, selecting suppliers, monitoring effectiveness and dealing with (security) incidents.