
(ISC)² Security Congress 2021 - Career Center & Recordings

1778665 - Implementing ISO 27701 with ISO 27001 - a potent combination to tackle Privacy and InfoSec

Oct 19, 2021 3:00pm ‐ Oct 19, 2021 4:00pm

Credits: None available.


Implementation and certification to the Information Security Management System under ISO 27001:2013 provides organizations with a consistent framework of risk management and governance and forms a foundation of sound information security practices. With stricter privacy requirements, both in the United States and internationally, adding the Privacy Information Management System under ISO 27701:2019 provides further adherence to privacy requirements and adds specific controls for data controllers and/or data processors. This standard requires ISO 27001 certification. The combination of these two standards provides an organization with ongoing compliance and sustainability of evolving technologies and requirements. We'll present a review of each standard and a quick review of current privacy legislation, with case studies of organizations that reduced risk, increased efficiencies and boosted customer confidence.

Learning Objectives:
  • Identify critical relationships between privacy and information security and how common controls can provide greater value in managing legal, regulatory, and contractual requirements.
  • Learn a strategy to gain management and customer confidence by applying a standardized, systematic method for the protection of multiple types of information as a data custodian, data processor or data collector.
  • Analyze the current privacy and information security program within your organization to determine potential gaps and areas of improvement.


Tags: Intermediate


  • 1.00 - CPE
