ISO27701 Gap Assessment Tool PIMS-FORM-00-1
Implementation Guidance This Excel sheet must be removed from the final version of the document.
Design This spreadsheet has been designed using CertiKit's colour scheme. To choose a different colour scheme, go to the Page Layout ribbon, select Themes and choose a different style.
Purpose of this document This document should be used to assess the level of conformity of an organization against the ISO/IEC 27701 standard. It may be used by a consultant on behalf of a client or by an organization directly.
Areas of the standard addressed All areas of the ISO/IEC 27701 standard and the EU and UK GDPR are covered.
General guidance This tool allows you to perform a gap assessment against the ISO27701 standard and against the EU and UK versions of the GDPR. The questions asked are based on the contents of the relevant standard or regulation and are designed to give a reasonable assessment of the degree to which the relevant requirements are met. In all cases a "Yes" answer is taken as a positive indication. The results are summarised in a series of tables and in a selection of charts, organized by standard or regulation. If you would prefer to assess your conformity directly against the exact requirements of the ISO27701 standard, CertiKit offers a separate chargeable product, the CertiKit ISO27701 Enhanced Gap Assessment Tool which lists the requirements from the standard, word for word, line by line. Because this second option contains the full text from the standard, it is subject to a licensing agreement that CertiKit maintains with the ISO via BSI. The ISO27701 Enhanced Gap Assessment Tool is available for purchase from our website.
Review frequency It is a good idea to revisit this assessment on a regular basis throughout your project to obtain an indication of progress and as a final check prior to an external audit.
Toolkit version number ISO/IEC 27701 Toolkit Version 2
Copyright notice Except for any specifically identified third-party works included, this document has been authored by CertiKit, and is ©CertiKit except as stated below. CertiKit is a company registered in England and Wales with company number 6432088.
20/01/2026
Page 1 of 36
[Insert classification here]