prSSH EN ISO/IEC 27701:2025

Information security, cybersecurity and privacy protection - Privacy information management systems - Requirements and guidance (ISO/IEC 27701:2025)

General information

Current stage: 40.20 Effective date: Feb 9, 2026

Next stage: 40.60 Next stage date: May 11, 2026

Originator: DPS

Owner: DPS/KT 224

Type: European Norm

ICS: 35.030

Scope

This document specifies requirements for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS).
Guidance is also provided to assist in the implementation of the requirements in this document.
This document is intended for personally identifiable information (PII) controllers and PII processors holding responsibility and accountability for PII processing.
This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations.

Life cycle

PREVIOUSLY

PUBLISHED
SSH EN ISO/IEC 27701:2021

NOW

IN_DEVELOPMENT
prSSH EN ISO/IEC 27701:2025
40.20 DIS ballot initiated: 12 weeks
Feb 9, 2026

Related project

Adopted from EN ISO/IEC 27701:2025 IDENTICAL

Adopted from ISO/IEC 27701:2025 IDENTICAL

Preview

Only informative sections of projects are publicly available. To view the full content, you will need to create an account. If you are a member, please log in to your account by clicking on the "Log in" button.