Rechercher

1 Scope This document provides guidance for: — selecting and specifying security functional requirements (SFRs) from ISO/IEC 15408-2 to protect Personally Identifiable Information (PII); — the procedure to define both privacy and security functional requirements in a coordinated manner; and — developing privacy functional requirements as extended components based on the privacy principles…

1 Scope This document defines a privacy architecture framework that: — specifies concerns for ICT systems that process PII; — lists components for the implementation of such systems; and — provides architectural views contextualizing these components. This document is applicable to entities involved in specifying, procuring, architecting, designing, testing, maintaining, administering and…

This document defines requirements to support information exchanges among related entities of a common payment scheme. It defines: a) electronic fee collection (EFC) functional requirements for a common payment medium; b) an application structure in a common payment medium; c) EFC application data in a common payment medium. The following are outside the scope of this document: —…

This Standard specifies minimum requirements in protecting human values and incorporating ethics in the design and use of automated decision systems. This Standard is limited to artificial intelligence (AI) using machine learning for automated decisions. This Standard applies to all organizations, including public and private companies, government entities, and not-for-profit organizations. It…

This document provides privacy engineering guidelines that are intended to help organizations integrate recent advances in privacy engineering into system life cycle processes. It describes: — the relationship between privacy engineering and other engineering viewpoints (system engineering, security engineering, risk management); and — privacy engineering activities in key engineering…

This document provides privacy engineering guidelines that are intended to help organizations integrate recent advances in privacy engineering into system life cycle processes. It describes: — the relationship between privacy engineering and other engineering viewpoints (system engineering, security engineering, risk management); and — privacy engineering activities in key engineering…

This document specifies privacy and data protection requirements and attributes to inform design of learning analytics systems and learning analytics practices in schools, universities, workplace learning and blended learning settings.

This document specifies privacy and data protection requirements and attributes to inform design of learning analytics systems and learning analytics practices in schools, universities, workplace learning and blended learning settings.

This document focuses on remote maintenance services (RMS) for information systems in healthcare facilities (HCFs) as provided by vendors of medical devices and health information systems. This document specifies the risk assessment necessary to protect remote maintenance activities, taking into consideration the special characteristics of the healthcare field such as patient safety, regulations…

This document specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of the organization. This document specifies PIMS-related requirements and provides guidance for PII controllers and…