Information security, cybersecurity and privacy protection — Application of ISO 31000:2018 for organ...
Scope
This document provides guidelines for organizational privacy risk management, extended from ISO 31000:2018.
This document provides guidance to organizations for integrating risks related to the processing of personally identifiable information (PII) as part of an organizational privacy risk management programme. It distinguishes between the impact that processing PII can have on an…
Information security, cybersecurity and privacy protection — Privacy enhancing data de-identificatio...
Scope
This document provides a framework for identifying and mitigating re-identification risks and risks associated with the lifecycle of de-identified data.
This document is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, that are PII controllers or PII processors acting on a controller’s behalf…
Information security, cybersecurity and privacy protection — Verification of cryptographic protocols...
Scope
This document establishes a framework for the verification of cryptographic protocol specifications according to academic and industry best practices.
Information technology — Security techniques — Guidelines for privacy impact assessment
Scope
This document gives guidelines for:
— a process on privacy impact assessments, and
— a structure and content of a PIA report.
It is applicable to all types and sizes of organizations, including public companies, private companies, government entities and not-for-profit organizations.
This document is relevant to those involved in designing or implementing projects, including the…
Information security, cybersecurity and privacy protection — Information security management systems...
1 Scope
This document specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This document also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this document are…
Information technology - Security techniques - Privacy framework
This document provides a privacy framework which:
— specifies a common privacy terminology;
— defines the actors and their roles in processing personally identifiable information (PII);
— describes privacy safeguarding considerations;
— provides references to known privacy principles for information technology.
This document is applicable to natural persons and organizations involved…
Information technology — Security techniques — Privacy framework
This document provides a privacy framework which:
— specifies a common privacy terminology;
— defines the actors and their roles in processing personally identifiable information (PII);
— describes privacy safeguarding considerations;
— provides references to known privacy principles for information technology.
This document is applicable to natural persons and organizations involved…
