What is PD ISO/IEC TS 27006-2:2021 about?
This is part 2 of ISO/IEC 27006, and as such is an accreditation standard guiding certification bodies (CBs) on the formal processes they must follow when auditing their clients’ Privacy Information Management Systems (PIMS) against BS ISO/IEC 27701 and BS ISO/IEC 27001 in order to certify or register them compliant. The accreditation processes laid out in PD ISO/IEC TS 27006-2:2021 will give assurance that BS ISO/IEC 27701 certificates issued by accredited organizations are valid and meaningful.
Who is PD ISO/IEC TS 27006-2:2021 for?
- Bodies providing audit and certification for PIMS
- Auditors
- Accredited organizations
- Consultants responsible for information security management systems
- Privacy and security professionals
Why should you use PD ISO/IEC TS 27006-2:2021?
Following the publication of PD ISO/IEC 27701:2019, there was a demand for accredited certification.
To meet that demand PD ISO/IEC TS 27006-2:2021 specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to BS ISO/IEC 27701 in combination with BS ISO/IEC 27001, in addition to the requirements contained within BS ISO/IEC 27006 and BS ISO/IEC 27701.
Primarily intended to support the accreditation of certification bodies providing PIMS certification, any properly-accredited body providing ISO/IEC 27701 compliance certificates must fulfil the requirements in this standard plus the normative standards.