Systems and software engineering - Life cycle management - Part 7000: Standard model process for add...
The standard establishes a set of processes by which engineers and technologists can include consideration of ethical values throughout the stages of concept exploration and development, which encompass system initiation, analysis, and design. This standard provides engineers and technologists with an implementable process aligning innovation management processes, system design approaches, and…
Information security, cybersecurity and privacy protection — Application of ISO 31000:2018 for organ...
This document provides guidelines for organizational privacy risk management, extended from ISO 31000:2018.
This document provides guidance to organizations for integrating risks related to the processing of personally identifiable information (PII) as part of an organizational privacy risk management programme. It distinguishes between the impact that processing PII can have on an individual…
Information security, cybersecurity and privacy protection - Application of ISO 31000:2018 for organ...
This document provides guidelines for organizational privacy risk management, extended from ISO 31000:2018.
This document provides guidance to organizations for integrating risks related to the processing of personally identifiable information (PII) as part of an organizational privacy risk management programme. It distinguishes between the impact that processing PII can have on an individual…
Health informatics — Principles and data requirements for consent in the collection, use or disclosu...
This document defines the set of frameworks of consent for the collection, use and/or disclosure of personal information by healthcare practitioners or organizations that are frequently used to obtain agreement to process the personal health information of subjects of care. This is in order to provide an informational consent framework which can be specified and used by individual policy domains…
Information security, cybersecurity and privacy protection — Security and privacy requirements for a...
This document provides high-level security and privacy requirements and recommendations for authentication using biometrics on mobile devices, including security and privacy requirements and recommendations for functional components and for communication.
This document is applicable to the cases that the biometric data and derived biometric data do not leave the device, i.e. local modes.
Information security, cybersecurity and privacy protection - Security and privacy requirements for a...
This document provides high-level security and privacy requirements and recommendations for authentication using biometrics on mobile devices, including security and privacy requirements and recommendations for functional components and for communication.
This document is applicable to the cases that the biometric data and derived biometric data do not leave the device, i.e. local modes.
Data Governance – Part 6: The responsible use of digital contact tracing, monitoring data in the wor...
This Standard specifies minimum requirements for the acceptable and responsible collection and use of contact tracing and monitoring data in the workplace.
This Standard applies to the governance of current and future use of data that is created, collected, stored or controlled by contact tracing and monitoring solutions, and impacts the management processes and decisions relating to data…
Information technology — Genomic information representation — Part 3: Metadata and application progr...
This document specifies information metadata, auxiliary fields, SAM interoperability, protection metadata and programming interfaces of genomic information. It defines:
— metadata storage and interpretation for the different encapsulation levels as specified in ISO/IEC 23092-1 (in Clause 6);
— protection elements providing confidentiality, integrity and privacy rules at the different…
Information security, cybersecurity and privacy protection — Guidance on managing information securi...
This document provides guidance to assist organizations to:
— fulfil the requirements of ISO/IEC 27001 concerning actions to address information security risks;
— perform information security risk management activities, specifically information security risk assessment and treatment.
This document is applicable to all organizations, regardless of type, size or sector.
Information security, cybersecurity and privacy protection — Information security management systems...
This document specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This document also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this document are generic and…