除了ISO/IEC 27006中包含的要求外，本文件还规定了根据ISO/IEC 27701结合ISO/IEC 27001对隐私信息管理系统（PIMS）进行审计和认证的机构的要求并提供了指导。其主要目的是支持提供PIMS认证的认证机构的认证。 提供PIMS认证的任何机构都需要从能力和可靠性的角度证明本文件中包含的要求，本文件中的指导为提供PIMS证书的任何机构提供了对这些要求的额外解释。 注:本文件可用作认证、同行评估或其他审计过程的标准文件。

This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006. It is primarily intended to support the accreditation of certification bodies providing PIMS certification. The requirements contained in this document need to be demonstrated in terms of competence and reliability by any body providing PIMS certification, and the guidance contained in this document provides additional interpretation of these requirements for any body providing PIMS certification. NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.