ISO/IEC 29151:2017
Information technology - Security techniques - Code of practice for personally identifiable information protection
Technologies de l'information - Techniques de sécurité - Code de bonne pratique pour la protection des données à caractère personnel
| Standard number: | ISO/IEC 29151:2017 |
| Released: | 2017-08-18 |
| Edition: | 1 |
| ICS: | 35.030 |
| Pages (English): | 39 |
ISO/IEC 29151:2017
ISO/IEC 29151:2017 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).
In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the requirements for processing PII that may be applicable within the context of an organization's information security risk environment(s).
ISO/IEC 29151:2017 is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII.
Information security, cybersecurity and privacy protection - Information security management systems - Requirements
Security techniques - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management - Requirements and guidelines
Information security, cybersecurity and privacy protection - Information security controls