Content library
ISO 27701

Requirements included in the framework

Policy
Linked frameworks
Framework
Tasks
Identify and document purpose
A.7.2.1
ISO 27701
3
Identify lawful basis
A.7.2.2
ISO 27701
2
Determine when and how consent is to be obtained
A.7.2.3
ISO 27701
1
Obtain and record consent
A.7.2.4
ISO 27701
2
Privacy impact assessment
A.7.2.5
ISO 27701
1
Contracts with PII processors
A.7.2.6
ISO 27701
2
Joint PII controller
A.7.2.7
ISO 27701
1
Records related to processing PII
A.7.2.8
ISO 27701
2
Determining and fulfilling obligations to PII principals
A.7.3.1
ISO 27701
2
Automated decision making
A.7.3.10
ISO 27701
1
Determining information for PII principals
A.7.3.2
ISO 27701
2
Providing information to PII principals
A.7.3.3
ISO 27701
2
Providing mechanism to modify or withdraw consent
A.7.3.4
ISO 27701
2
Providing mechanism to object to PII processing
A.7.3.5
ISO 27701
1
Access, correction and/or erasure
A.7.3.6
ISO 27701
3
PII controllers' obligations to inform third parties
A.7.3.7
ISO 27701
3
Providing copy of PII processed
A.7.3.8
ISO 27701
2
Handling requests
A.7.3.9
ISO 27701
1
Limit collection
A.7.4.1
ISO 27701
2
Limit processing
A.7.4.2
ISO 27701
3
Accuracy and quality
A.7.4.3
ISO 27701
1
PII minimization objectives
A.7.4.4
ISO 27701
1
PII de-identification and deletion at the end of processing
A.7.4.5
ISO 27701
2
Temporary files
A.7.4.6
ISO 27701
1