• ISO/IEC 27701 is a data privacy extension to ISO/IEC 27001. This newly published information security standard provides guidance for organizations looking to put in place systems to support compliance with GDPR and other data privacy requirements. ISO/IEC 27701, also abbreviated as PIMS (Privacy Information Management System) outlines a framework for Personally Identifiable Information (PII)¬†Controllers and PII Processors to manage data privacy. Privacy information management systems are sometimes referred to as personal information management systems.