Contact us Client area Logo library Consultant area FAQS Newsletter sign up
Global Certification Body
Phone Created with Sketch.

0800 052 2424
0
menu Created with Sketch. close Created with Sketch.
Home Resources News
NQA Achieves UKAS Accreditation for ISO 27701

NQA Achieves UKAS Accreditation for ISO 27701

08 March 2022
NQA is pleased to announce that we have recently received UKAS accreditation for ISO 27701:2019 the International Standard for Privacy Information Management.

Following a rigorous auditing assessment, successful UKAS accreditation for ISO 27701 was gained on the 4th March 2022.  

ISO 27701:2019 is a data privacy extension to ISO 27001. This information security standard provides guidance for organisations looking to put in place systems to support compliance with GDPR and other data privacy requirements. ISO 27701, also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage data privacy. Privacy information management systems are sometimes referred to as personal information management systems.

The standard helps organisations reduce risk to the privacy rights of individuals and to themselves by enhancing an existing Information Security Management System, and is a great way of demonstrating to customers, external stakeholders and internal stakeholders that effective systems are in place to support compliance to GDPR and other related privacy legislation.

Information Assurance Manager Tim Pinnell writes; "The accreditation process is rigorous. It’s not just about the auditor in action being witnessed by UKAS. NQA’s own internal management system is also audited. This is in addition to the regular external audits of NQA, so it’s the best way of having independent verification of our processes and of our auditors. Having the UKAS accreditation mark gives our customers the confidence that NQA meets all the required standards for privacy information management system auditing."

Organizations looking to gain certification to ISO 27701 in order to comply with GDPR will either need to have an existing ISO 27001 certification or implement ISO 27001 and ISO 27701 together as a single implementation audit. ISO 27701 is a natural expansion to the requirements and guidance set out in ISO 27001.

Tools to help you

  • To purchase your copy of the standard visit the ISO website here.

  • Book a place on uor ISO 27701 Introduction & Implementation Training course here.

  • Watch a video on tips to implement ISO 27701 here.

  • Find our ISO 27701 Quick Guide here.

If you are interested in understanding how NQA can assist you in gaining certification against ISO 27701 please contact our Business Development Advisors on 0800 052 2424 (option 2) or email sales@nqa.com.