ISO 27701

Streamline ISO 27701 with Shared Controls

Accelerate ISO 27701 privacy compliance by building on ISO 27001 work.

Streamline your ISO 27701 compliance activities

Get ISO 27701 Audit-Ready Faster

ISO 27701 compliance requires you to be ISO 27001 compliant, then builds additional controls unique to the Privacy Information Management System (PIMS).


Drata’s shared controls framework means that once you build your ISMS, you can map those controls to ISO 27701 rather than starting from scratch. You can use Drata’s controls and central readiness dashboard to determine your requirement scoping baseline and gain at-a-glance visibility into the controls you still need to implement. 

Get ISO 27701 Audit-Ready Faster Image
Maintain your compliance posture with continuous control monitoring

A Single-Source Of ISO 27701 Documentation

Getting ISO 27701 compliant can be time consuming, but maintaining your compliance posture shouldn’t be. Drata’s platform can continuously monitor in-scope systems to ensure your controls function as intended.


We send alerts for controls that fall out of compliance and provide suggestions about how to remediate the issue. With Drata, you have all your compliance documentation in a single location, including suggested control baselines, continuous control monitoring, and a shareable security report enabling you to effectively communicate with third parties.

A Single-Source Of ISO 27701 Documentation Image
Map custom controls to automated tests

Customize ISO 27701 Controls without Sacrificing Automation

ISO 27701 applies to PII Controllers and PII Processors. A company can be one or both, requiring it to implement different controls for each. You can build your framework in Drata based on your scope of work, using either our cross-mapped controls or create your own.


By mapping these to our automated tests, you get the customization you need and the automation you want. Further, with our Jira integrations, you can automate the delegation and tracking of compliance-related tasks. 

ISO 27701 - Create Custom Controls While Still Leveraging Automation @2x
Having centralized and detailed visibility of all our personnel, assets, and being able to see what compliance requirements need our attention has streamlined the entire process.
Headshot - Lola Kureno

Lola Kureno

Cyber Security Engineer

The quality and philosophy of support at Drata are unparalleled. Drata is superb in usability, design and integrations.
Headshot - David Caughill

David Caughill

DevOps Engineer

The promise of automation has long been discussed in the compliance world, but never truly realized. Drata has turned that into reality.
Jonathan Jaffe-Lemonade-pl1hsmgs4v19wk5yps2425mwmo8l8dsvzt7qn25wn4

Jonathan Jaffe

CISO

Drata helped us to seamlessly transition into a fully integrated compliance program and was essential to our SOC 2.
Diana Cohen

Diana Cohen

Head of Legal & Compliance

Drata also worked to understand our audit needs and matched us with an auditor who has been terrific. Drata is a luxury limousine for your compliance journey.
Headshot - Joshua Peskay

Joshua Peskay

vCIO

Having centralized and detailed visibility of all our personnel, assets, and being able to see what compliance requirements need our attention has streamlined the entire process.
Headshot - Lola Kureno

Lola Kureno

Cyber Security Engineer

The quality and philosophy of support at Drata are unparalleled. Drata is superb in usability, design and integrations.
Headshot - David Caughill

David Caughill

DevOps Engineer

The promise of automation has long been discussed in the compliance world, but never truly realized. Drata has turned that into reality.
Jonathan Jaffe-Lemonade-pl1hsmgs4v19wk5yps2425mwmo8l8dsvzt7qn25wn4

Jonathan Jaffe

CISO

Drata helped us to seamlessly transition into a fully integrated compliance program and was essential to our SOC 2.
Diana Cohen

Diana Cohen

Head of Legal & Compliance

Drata also worked to understand our audit needs and matched us with an auditor who has been terrific. Drata is a luxury limousine for your compliance journey.
Headshot - Joshua Peskay

Joshua Peskay

vCIO

Having centralized and detailed visibility of all our personnel, assets, and being able to see what compliance requirements need our attention has streamlined the entire process.
Headshot - Lola Kureno

Lola Kureno

Cyber Security Engineer

Having centralized and detailed visibility of all our personnel, assets, and being able to see what compliance requirements need our attention has streamlined the entire process.
Headshot - Lola Kureno

Lola Kureno

Cyber Security Engineer

The quality and philosophy of support at Drata are unparalleled. Drata is superb in usability, design and integrations.
Headshot - David Caughill

David Caughill

DevOps Engineer

The promise of automation has long been discussed in the compliance world, but never truly realized. Drata has turned that into reality.
Jonathan Jaffe-Lemonade-pl1hsmgs4v19wk5yps2425mwmo8l8dsvzt7qn25wn4

Jonathan Jaffe

CISO

Drata helped us to seamlessly transition into a fully integrated compliance program and was essential to our SOC 2.
Diana Cohen

Diana Cohen

Head of Legal & Compliance

Drata also worked to understand our audit needs and matched us with an auditor who has been terrific. Drata is a luxury limousine for your compliance journey.
Headshot - Joshua Peskay

Joshua Peskay

vCIO

Having centralized and detailed visibility of all our personnel, assets, and being able to see what compliance requirements need our attention has streamlined the entire process.
Headshot - Lola Kureno

Lola Kureno

Cyber Security Engineer

The quality and philosophy of support at Drata are unparalleled. Drata is superb in usability, design and integrations.
Headshot - David Caughill

David Caughill

DevOps Engineer

The promise of automation has long been discussed in the compliance world, but never truly realized. Drata has turned that into reality.
Jonathan Jaffe-Lemonade-pl1hsmgs4v19wk5yps2425mwmo8l8dsvzt7qn25wn4

Jonathan Jaffe

CISO

Drata helped us to seamlessly transition into a fully integrated compliance program and was essential to our SOC 2.
Diana Cohen

Diana Cohen

Head of Legal & Compliance

Drata also worked to understand our audit needs and matched us with an auditor who has been terrific. Drata is a luxury limousine for your compliance journey.
Headshot - Joshua Peskay

Joshua Peskay

vCIO

Having centralized and detailed visibility of all our personnel, assets, and being able to see what compliance requirements need our attention has streamlined the entire process.
Headshot - Lola Kureno

Lola Kureno

Cyber Security Engineer

Logo - INE
Logo - Red Rover
Lemonade Logo
Lilt logo
Logo - RoundTable Technology
Logo - INE
Logo - Red Rover
Lemonade Logo
Lilt logo
Logo - RoundTable Technology
Logo - INE
Logo - INE
Logo - Red Rover
Lemonade Logo
Lilt logo
Logo - RoundTable Technology
Logo - INE
Logo - Red Rover
Lemonade Logo
Lilt logo
Logo - RoundTable Technology
Logo - INE

Join the thousands of companies that trust Drata

Abnormal Logo
Airbase
BambooHR Logo
BigID Logo
Clearbit Logo
Clearco Logo
Fivetran Logo
Lemonade Logo
Notion Logo
SoFi Logo
Vercel Logo
Wordpress VIP

What's Included With ISO 27701

Everything you need for ISO 27701, in one platform.

Readiness Dashboard

One Central Dashboard

Know where you stand. Our Framework Readiness Dashboard tracks progress towards requirements and controls.

Shared Controls

Shared Controls

Streamline ISO 27701 framework efforts by implementing controls already enabled for your other frameworks.

Customization For Your Business Needs

Customization for Your Needs

ISO 27701 can be customized to meet the needs of your business through features like custom controls and mapping automated tests to controls.

Continuous Control Monitoring Icon

Continuous Monitoring

Drata displays the necessary requirements associated with ISO 27701. We always stay up-to-date on the latest information so you don't have to worry about falling out of compliance.

World Class Support

Trusted Advisors

Every customer receives access to former auditors, solution architects, and compliance advisors. You’ll have a trusted team to answer your questions.

One Complete Solution

One Complete Solution

Compliance made easy. Build, manage, maintain, and automate all your GRC needs in a single platform.

The Latest Resources

Blog

Frameworks-Blog-Image-1200-x-628@2x-1-2048x1072

New Frameworks: CCPA, ISO 27701, & More

We've added frameworks to the Drata platform including CCPA, ISO 27701, Microsoft SSPA, NIST CSF, NIST 800-171, NIST 800-53, CMMC, and FFIEC.

Learn More

Blog

Alev-Blog-Header-1

Drata Welcomes New Director of Compliance: Alev Viggio

Meet Alev Viggio, Drata’s new Director of Compliance.

Learn More

Blog

Blog-Featured-Images-16

Our Path to ISO 27001

We’re excited to announce our ISO 27001 certification. Read about what our process looked like and key learnings your team may find useful.

Learn More

Frequently Asked Questions About ISO 27701

ISO 27701 is an extension of ISO 27001, and enhances ISO 27001 requirements and Annex A controls with privacy measures. Those that have already implemented ISO 27001 with Drata will be able to build upon that to get to ISO 27701 in less time and effort. 

Similar to ISO 27001, ISO 27701 is for private, public, and government organizations that need to take a risk-based approach to processing and storing PII. It’s key to note that an ISO 27701 certification is only available as an extension of an ISO 27001 certification; it cannot be obtained on its own.


Having both ISO 27001 and ISO 27701 certifications means that a data privacy management system is in place. This sets up companies and organizations to ensure compliance with additional data privacy frameworks like CCPA and GDPR.

Yes, with Drata's custom control feature, you can create controls for each framework based on your individual scope of work.

Automate Your Journey

Drata's platform experience is designed by security and compliance experts so you don't have to be one.

Connect

Easily integrate your tech stack with Drata.

Configure

Pre-map auditor validated controls.

Comply

Begin automating evidence collection.

Put Compliance on Autopilot

Close more sales and build trust faster while eliminating hundreds of hours of manual work to maintain compliance.