The achievement allows A-LIGN to certify organizations against the ISO/IEC 27701:2019 Standard
TAMPA, Fla. – March 19, 2020 – A-LIGN, a security, privacy and compliance provider that specializes in mitigating cybersecurity risks by assessing organizations against multiple compliance standards, received one of the first ISO/IEC 27701:2019 (ISO 27701) accreditations from the ANSI National Accreditation Board (ANAB) on March 18, 2020.
“We are extremely proud to announce that A-LIGN has been selected as one of the first ANAB-accredited ISO 27701 certification bodies,” said Scott Price, Chief Executive Officer at A-LIGN. “This accreditation validates the commitment we’ve made to our clients to assist them in elevating their organization and customers’ confidence in the protection of their personally identifiable information (PII). Our proprietary compliance management software will assist clients in aligning the 27701 requirements to their existing audits across multiple standards to mitigate cybersecurity and privacy risks.”
As the first international privacy standard, ISO 27701 provides a certification path for organizations to demonstrate their adherence to privacy requirements and controls. To receive an ISO 27701 accredited certificate, organizations must either be ISO 27001 certified or undergo a series of initial audits conducted by a certification body. Once an organization has achieved certification, the certification body conducts annual surveillance audits to ensure ongoing conformity. Certificates are valid for three years after the issue date.
A-LIGN’s clients will benefit from the ISO 27701 certification as it will streamline compliance obligations for ISO 27001 and the GDPR by integrating privacy into an organization’s information security management system. The protection of privacy in the context of PII processing continues to be a universal need and is a highly discussed topic of international regulation and legislation. There has been a surge in the quantity and types of PII that organizations are processing, and the number of situations where an organization needs to cooperate with other organizations regarding the processing of PII is increasing.
Established by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), the ISO/IEC 27701:2019 standard specifies the requirements and provides guidance for establishing, implementing, maintaining and continually improving an organization’s Privacy Information Management System (PIMS). ISO 27701 is applied in the form of an extension to ISO/IEC 27001:2013 and ISO/IEC 27002:2013 as it relates to privacy management within an organization, specifically around the processing of PII. The ISO 27701 standard can be used by both PII processors and PII controllers, including those organizations that are joint PII controllers.
# # #
A-LIGN is one of only a few globally recognized cybersecurity and privacy solutions providers that offer a single-provider approach for organizations. A-LIGN is a HITRUST CSF Assessor firm, Qualified Security Assessor Company, accredited ISO 27001, ISO 27701, ISO 22301 and ISO 9001 Certification Body, accredited FedRAMP 3PAO and licensed CPA firm. With the ability to work with small businesses to the largest of global enterprises, A-LIGN’s experts deliver custom solutions to clients that allow them to demonstrate trust and respect to their stakeholders through high-quality and innovative cybersecurity solutions. For more information, visit www.A-LIGN.com.
Senior Manager of Corporate Communications
(888) 702-5446 x445