1 Scope
This document specifies requirements and provides guidance for bodies providing audit
and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006 and ISO/IEC 27701. It is primarily intended to support the accreditation of certification bodies providing
PIMS certification.
The requirements contained in this document need to be demonstrated in terms of competence
and reliability by anybody providing PIMS certification, and the guidance contained
in this document provides additional interpretation of these requirements for any
body providing PIMS certification.
NOTE This document can be used as a criteria document for accreditation, peer assessment
or other audit processes.