What is ISO/IEC 27701:2019?
As an extension to ISO/IEC 27001 and ISO/IEC 27002 in the field of privacy protection, ISO/IEC 27701:2019 provides guidelines for establishing, implementing, maintaining, and continuously improving a privacy information management system.
ISO/IEC 27701:2019 is applicable to all types and sizes of organizations, including public and private companies, government entities and non-profit organizations, which process personally identifiable information in an information security management system (ISMS) to reduce risks with personal privacy.
What does ISO/IEC 27701:2019 certification mean?
ISO/IEC 27701:2019 is a milestone in the continuous management of privacy risks. It systematically outlines the concepts, requirements, and implementation guidelines of privacy security management systems for the first time in the world. Tencent Cloud has always put user privacy protection at the core of its services. The values brought by ISO/IEC 27701:2019 are self-evident in the following aspects:
For product improvement: based on the personal data-intensive nature of cloud service providers, ISO/IEC 27701:2019 provides clear and implementable guidelines for personal data protection by Tencent Cloud products, fully complementing the standardization and reliability of privacy protection for Tencent Cloud products.
For external communication: ISO/IEC 27701:2019 contributes to the establishment of a transparent communication mechanism that builds customers' trust in Tencent Cloud's privacy protection capabilities, provides more objective information for risk assessment, and promotes the formation of effective business relationships.
For Tencent Cloud's regulatory compliance: the universality of ISO/IEC 27701:2019 reduces the complexity of response to multiple regulators and improves Tencent Cloud's responsiveness to regulatory compliance.