prSSH EN ISO/IEC 27706:2025

Information security, cybersecurity and privacy protection - Requirements for bodies providing audit and certification of privacy information management systems (ISO/IEC 27706:2025)

General information

Current stage: 40.20 Effective date: Feb 9, 2026

Next stage: 40.60 Next stage date: May 11, 2026

Originator: DPS

Owner: DPS/KT 224

Type: European Norm

ICS: 03.120.20 35.030

Scope

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701, in addition to the requirements contained within ISO/IEC 17021-1.
The requirements contained in this document are demonstrated in terms of competence and reliability by bodies providing PIMS certification. The guidance contained in this document provides additional interpretation of these requirements for bodies providing PIMS certification.
NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.

Life cycle

NOW

IN_DEVELOPMENT
prSSH EN ISO/IEC 27706:2025
40.20 DIS ballot initiated: 12 weeks
Feb 9, 2026

Related project

Adopted from EN ISO/IEC 27706:2025 IDENTICAL

Adopted from ISO/IEC 27706:2025 IDENTICAL

Preview

Only informative sections of projects are publicly available. To view the full content, you will need to create an account. If you are a member, please log in to your account by clicking on the "Log in" button.