How can I help with ISO 27701?
Free AI guidance for ISO 27701 compliance.
- Set up a PIMS
- Controller or processor
- Map to GDPR
About the ISO 27701 assistant
Seeded with ISO/IEC 27701 concepts: the privacy information management system (PIMS), which in its latest edition (ISO/IEC 27701:2025) is a stand-alone management system standard that can also build on an existing ISO/IEC 27001 ISMS, the distinction between a PII controller, a PII processor, and controls shared by both roles, the Annex A privacy controls, and the mappings that connect a PIMS to GDPR and other privacy frameworks such as ISO/IEC 29100.
- Plan how to build a PIMS under ISO/IEC 27701, either as a stand-alone privacy management system or integrated with an existing (or planned) ISO/IEC 27001 ISMS, including the privacy scope, risk assessment, and Statement of Applicability.
- Work out whether you act as a PII controller, a PII processor, or both, and which role-specific and shared privacy controls and responsibilities apply to you.
- Use the PIMS-to-GDPR and related mappings to connect your controls to legal obligations, and draft the privacy policies, records (such as records of processing and data subject request handling), and evidence an auditor will expect for certification.
It gives implementation guidance to speed up your work. It is not a certification body, it cannot issue ISO/IEC 27701 certification, and it is not legal advice.
Read the full ISO 27701 guide