As the first data privacy certification available, ISO 27701 can greatly reduce the complexity of managing privacy, risk and proving compliance with regulations like CCPA, GDPR.   Those organizations that already have a 27001 certification or are considering that certification can add on 27701 to change an Information Security Management System (ISMS) into an Information Security & Privacy Management System (ISPMS)   Debbie Zaller, Principal and co-owner at Schellman & Company, shares her in-depth knowledge of ISO 27701 on this episode of The Virtual CISO Podcast.   What we talked about:

• Unpacking the this new certifiable extension
• Why “ISO 27701 Certified” and “GDPR fully compliant” are not the same (but VERY clos)
• Why 27701 is the answer to reputable privacy compliance

  Resources we mentioned: 

• https://www.aicpa.org/
• https://gdpr-info.eu/
• https://oag.ca.gov/privacy/ccpa

  To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here.
If you don’t use Apple Podcasts, you can find all our episodes here.