Security & Compliance
ISO 27701:2019 is an extension to ISO 27001 for Privacy Information Management. The basis of this certification is to enhance the existing Information Security Management System (ISMS) with additional requirements in order to establish, implement, maintain, and continually improve a Privacy Information Management System. The standard outlines a framework for Personally Identifiable Information (PII) Controllers and PII Processors to manage privacy controls to reduce the risk to the privacy rights of individuals.
This widely-recognized international standard specifies that SHL does the following:
- Achieves compliance to privacy requirements globally ensuring that we manage our data both as a data controller and a data processor to the highest standard.
- Ensure that we implement and design a suite of security controls to ensure that data is controlled within all legislative requirements globally.
- We have an overarching management process to ensure that the information security and privacy controls meet our needs on an ongoing basis.
SHL has certification for compliance with ISO/IEC 27701:2019 which is audited by independent third-party auditors. Our compliance with these internationally-recognized standards and code of practice is evidence of our commitment to information security and privacy at every level of our organization, and that the SHL security program is in accordance with industry-leading best practices.
This document was last updated: September 2022