ISO-IEC-27701-2019

ISO/IEC 27701: Structure of the Standard

The requirements of the standard are divided into the following four groups:

Clause 5: PIMS requirements related to ISO/IEC 27001
Clause 6: PIMS requirements related to ISO/IEC 27002
Clause 7: PIMS guidance for PII Controllers
Clause 8: PIMS guidance for PII Processors

The annexes of the standard include the following:

Annex A: PIMS-specific reference control objectives and controls (PII Controllers)
Annex B: PIMS-specific reference control objectives and controls (PII Processors)
Annex C: Mapping to ISO/IEC 29100
Annex D: Mapping to the General Data Protection Regulation (GDPR)
Annex E: Mapping to ISO/IEC 27018 and ISO/IEC 29151
Annex F: How to apply ISO/IEC 27701 to ISO/IEC 27001 and ISO/IEC 27002