Does your organization process personal data on behalf of customers (as a processor) or for your own purposes (as a controller)?

ISO 27701 extends ISO 27001 with PII-specific controls for both PII controllers and processors.