WESTMINSTER, Colo., Sept. 9, 2019 /PRNewswire/ -- Coalfire, a trusted provider of cybersecurity advisory and assessment services, announced today that Coalfire ISO, Inc. ("Coalfire ISO") launched their new ISO/IEC 27701:2019 readiness assessment and certification service offering within their ISO delivery practice. The company is one of the first certification bodies to offer assessment and auditing services against the new International Standard.
The new readiness assessment service will aid organizations that are looking to transition from maintaining standalone Information Security Management Systems (ISMS) based on ISO 27001 to implementing the new expanded requirements for a Privacy Information Management System (PIMS) under an integrated model for quick deployment at minimal costs.
The ISO 27701 standard, published at the beginning of August, details the requirements for a PIMS, which governs the protection of personally identifiable information (PII). ISO 27701 is the first international privacy standard and provides a formal certification path for organizations to demonstrate their adherence to privacy provisions. The certification is an additive set of controls and management systems requirements based on ISO 27001, the widely adopted standard for information security.
Coalfire ISO followed the development of the new standard from draft issuance as ISO 27552 earlier this year to its final release as ISO 27701. The team was engaged early by existing ISO 27001 certificate clients who had interest in building the PIMS on top of their already-certified ISMS.
Within ten days of the standard's release, Coalfire ISO had successfully completed an initial certification audit of the ISO 27701 standard for OneTrust, the leading privacy, security and third-party risk technology platform, which was subsequently awarded certification for their demonstration of a conforming PIMS.
"OneTrust is proud to be the first company to achieve ISO 27701 certification, and our work with Coalfire provided us the opportunity to demonstrate our program regarding the processing of personal information with the help of our OneTrust privacy management technology," said Andrew Clearwater, CIPP/US, Chief Privacy Officer, OneTrust. "ISO 27701 may become the foundation for future GDPR certifications, so it's a significant achievement that can be used as a case study for other organizations seeking certification."
"The ISO 27701 standard utilizes best practices derived from foundational information security principles and applies it to a process-driven, risk-based approach for the protection of PII," said David Forman, Sr. Director, ISO Services at Coalfire. "This new baseline will establish a common alignment among organizations and will further clarify the provisions within the GDPR and other privacy regulations. We are excited to launch third-party assurance offerings supporting this landmark privacy publication and have confidence that this certification mechanism will only promote organizational maturity into the marketplace."
About Coalfire ISO
As the certification arm of Coalfire, Coalfire ISO provides audit and certification services to public and private sector organizations, adhering to the applicable requirements of both ISO/IEC 17021-1:2015 and ISO/IEC 27006:2015. Coalfire ISO is an accredited certification body under both the ANSI National Accreditation Board (ANAB) and the United Kingdom Accreditation Service (UKAS). CoalfireISO.com
OneTrust is the #1 most widely used privacy, security and third-party risk technology platform trusted by more than 3,000 companies to comply with the CCPA, GDPR, ISO 27001 and hundreds of the world's privacy and security laws. OneTrust's three primary offerings include OneTrust Privacy Management Software, OneTrust PreferenceChoice™ consent and preference management software, and OneTrust Vendorpedia™ third-party risk management software and vendor risk exchange. To learn more, visit OneTrust.com or connect on LinkedIn, Twitter and Facebook.