ISO/IEC 27701:2019 is an extension of the ISO/IEC 27001 and ISO/IEC 27002 Standards, which cover the establishment of an Information Security Management System (ISMS). It defines the requirements and provides instructions for the establishment and implementation of a Privacy Information Management System (PIMS).
ISO 27701 is based on the requirements and controls of ISO 27001 and includes a set of additional requirements and controls specifically related to the protection of personal data.
The Standard applies to all types and sizes of Organizations, including public and private companies, government agencies and non-profit organizations, which control and/or process personal data.