Did you know that we now support the International Organization for Standardization (ISO) 27701 standard? This new addition to our framework library is standard for privacy information management and helps companies stay ahead of the compliance curve.

ISO 27701 is an incremental addition to ISO 27001 and was designed as the framework for demonstrating privacy compliance with laws such as the California Privacy Rights Act (CPRA) and European Union General Data Protection Regulation (GDPR). We now make it easier for organizations to efficiently meet the requirements for both 27701 and 27001.

Here's what our CEO and co-founder Justin Beals had to say:

“We’re excited to announce our support for ISO 27701, a trust asset that is more rigorous and valuable to buyers in the marketplace than SOC 2. Only Strike Graph offers the ability and cost savings to bundle an internal audit, penetration test and the technology necessary for a business to successfully implement and cover ISO 27701. Since it’s relatively new, few organizations have adopted ISO 27701, meaning certification will help you get—and stay—ahead of the privacy compliance curve.” 

Our platform helps companies scope the correct size audit, dynamically adjust controls, and successfully complete a security certification with an internationally recognized auditor. We also support ISO 27001:2013 and are poised to support the highly anticipated 27002:2022 update, in addition to SOC 2, HIPAA, ISO 27000 series (or ISO 27001, ISO 27701), CCPA / CPRA, and GDPR. 

How does ISO 27701 relate to the 27000 series?

ISO 27701 is an "add on" to 27000 which introduces the concept of a Privacy Information Management System by taking the ISO 27001’s “ISMS” and relevant Annex Controls and layering on privacy concepts. If a business becomes ISO 27701 certified, by default it’s also ISO 27001 certified, which helps organizations better align and comply with GDPR and use standards to encompass other, applicable privacy and data protection regulations like CCPA / CPRA.

“Strike Graph allowed us to successfully and efficiently pass and achieve our ISO 27001 certification with an independent assessor. This prestigious certification is a trust asset that helps our company facilitate agreements, secure deals, and safeguard our reputation,” said Sean Blake, Chief Information Officer at BioAgilytix.