Rechercher

This document defines an inventory of building blocks conceptually associated with different types of assessments of information and communication technology (ICT) trustworthiness. These assessments apply to areas such as governance, risk management, security evaluation, secure development lifecycle (SDL), supply chain integrity and privacy. This document also defines an ontology that organizes…

Scope This document provides guidelines for organizational privacy risk management, extended from ISO 31000:2018. This document provides guidance to organizations for integrating risks related to the processing of personally identifiable information (PII) as part of an organizational privacy risk management programme. It distinguishes between the impact that processing PII can have on an…

Scope This document provides a framework for identifying and mitigating re-identification risks and risks associated with the lifecycle of de-identified data. This document is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations, that are PII controllers or PII processors acting on a controller’s behalf…

Scope This document gives guidelines for: — a process on privacy impact assessments, and — a structure and content of a PIA report. It is applicable to all types and sizes of organizations, including public companies, private companies, government entities and not-for-profit organizations. This document is relevant to those involved in designing or implementing projects, including the…

This document provides guidance for members of governing bodies of organizations on the effective, efficient and acceptable use of a shared digital service platform among ecosystem organizations by: —     establishing a vocabulary for the governance of a shared digital service platform among ecosystem organizations; —     providing a framework for understanding the implications of the use of a…

This document provides guiding principles for members of governing bodies of organizations and those that support them on the effective, efficient and acceptable use of information technology (IT) within their organizations. This document is applicable to: —     the governance of the organization’s current, and future, use of IT; —     the governance of IT as a domain of governance of…

This document provides guidance for members of governing bodies of organizations on the effective, efficient and acceptable use of a shared digital service platform among ecosystem organizations by: — establishing a vocabulary for the governance of a shared digital service platform among ecosystem organizations; — providing a framework for understanding the implications of the use of a…

This document provides guiding principles for members of governing bodies of organizations and those that support them on the effective, efficient and acceptable use of information technology (IT) within their organizations. This document is applicable to: — the governance of the organization’s current, and future, use of IT; — the governance of IT as a domain of governance of…

This document describes the testing methodology based on acoustic emission (AE) for atmospheric and low-pressure (less than or equal to 50 kPa on top of the tank) metallic storage tank floors and the classification system to be used for test results. This document applies to acoustic emission testing (AT) for corrosion severity of atmospheric metal storage tank floors. The technique is limited to…

This document provides requirements, guidance and information for the design and fabrication of topsides structure for offshore structures, including in-service, pre-service and post-service conditions. The actions on topsides structure and the action effects in structural components are derived from this document, where necessary in combination with other International Standards in the ISO 19901…