ISO 27701 Certification (PIMS):
Extend Your ISMS to Privacy — A Philippine Privacy Mark Prerequisite
ISO/IEC 27701 is an extension of ISO 27001 that adds requirements for establishing, implementing, and maintaining a Privacy Information Management System (PIMS). It maps directly to the Data Privacy Act's requirements for personal information controllers (PICs) and processors (PIPs).
Gardoce Services:
- ISO 27701 gap assessment (building on existing ISO 27001 ISMS)
- PII inventory and data flow mapping
- Privacy risk assessment
- PIMS policy and procedure development
- PIC/PIP control implementation
- Integration with NPC compliance requirements
- Internal audit and certification body preparation
The NPC's Philippine Privacy Mark (PPM) Certification Program, established under NPC Circular No. 2023-05, requires both ISO/IEC 27001 and ISO/IEC 27701 certification as prerequisites before an organization can apply. The PPM offers the highest level of assurance on data privacy compliance and enables secure cross-border data transfers.
Ready to Transform Your Business?
Book a free consultation today and discover how digital transformation and cyber resilience can grow your Filipino business or accelerate your government operations.