ISO/IEC 27701 Certification Affirms Strength of CBRE’s Data Privacy Program

CBRE Group, Inc. has received ISO/IEC 27701 (Privacy Information Management System) certification for its Global Data Protection and Privacy Program. This internationally recognized certification demonstrates the company’s longstanding commitment to delivering exceptional privacy outcomes for clients, employees and other stakeholders globally.

“This robust certification confirms the maturity of CBRE’s privacy program,” said Shannon Clark, CBRE’s Global Head of Data Protection and Privacy. “It assures our stakeholders that CBRE’s Global Data Protection and Privacy Program complies with stringent international standards aligned to the European General Data Protection Regulation (GDPR) and other privacy regulations around the world.”

ISO/IEC 27701 is a privacy extension to CBRE’s ISO/IEC 27001 (Information Security Management System) certification with additional requirements to establish, implement, maintain and continually improve a Privacy Information Management System. A-LIGN, an accredited, independent evaluator, issued the ISO/IEC 27701 certification to CBRE following a three-day audit and interview process during which CBRE provided evidence of compliance with 189 required controls.