International Standard
ISO/IEC 27706:2025
Information security, cybersecurity and privacy protection — Requirements for bodies providing audit and certification of privacy information management systems
Reference number
ISO/IEC 27706:2025
Edition 1
2025-10
Published (Edition 1, 2025)


What is ISO/IEC 27706:2025?

ISO/IEC 27706:2025 specifies the requirements for bodies that audit and certify Privacy Information Management Systems (PIMS) based on ISO/IEC 27701. It provides both mandatory requirements and practical guidance to ensure that certification bodies are competent, consistent, and reliable in assessing PIMS implementations.

It aligns with ISO/IEC 17021-1 (for certification of management systems in general) but tailors its provisions specifically to the privacy and data protection context, making it an essential tool for anyone involved in PIMS certification, accreditation, or oversight.

Why is ISO/IEC 27706 important?

As privacy regulations continue to evolve globally—think GDPR, CCPA, and beyond—confidence in the bodies certifying privacy systems becomes critical. This standard ensures that PIMS certification is credible, consistent, and globally recognized.

It helps reduce risks of inconsistent audits, enhances trust in certified systems, and supports regulatory alignment for organizations operating across jurisdictions.

 

Benefits

  • Ensures high-quality, reliable audits of ISO/IEC 27701-based PIMS
  • Strengthens accreditation and peer-assessment frameworks
  • Aligns with international expectations for privacy and data protection assurance
  • Helps national accreditation bodies enforce uniform criteria
  • Supports businesses seeking certified assurance for privacy compliance

 

FAQ

This first edition of ISO/IEC 27706 replaces the previous technical specification (TS). Key updates include:

  • New title and full standard status (no longer a TS)
  • Clause structure aligned to ISO/IEC 17021-1, not ISO/IEC 27006-1
  • Addition of Annexes A, B, and C for expanded guidance

This standard is designed for:

  • Certification bodies performing PIMS audits
  • Accreditation bodies assessing certification organizations
  • Privacy professionals working in audit, compliance, and assurance
  • Organizations preparing for ISO/IEC 27701 certification that want to understand auditor expectations

No—but it is required for the certification body, not the organization being certified. It ensures your auditor operates with rigor, privacy expertise, and global alignment, making your certification more trustworthy.

General information

  • Status: Published
    Publication date: 2025-10
    Stage: International Standard published [60.60]
  • Edition: 1
  • ISO/IEC JTC 1/SC 27
    35.030  03.120.20