UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

ISO/IEC DIS 27552

Security techniques - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management - Requirements and guidelines

active, Most Current
Buy Now
Organization: ISO
Publication Date: 26 December 2018
Status: active
Page Count: 79
ICS Code (IT Security): 35.030
scope:

This document specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy management within the context of the organization.

In particular, this document specifies PIMS-related requirements and provides guidance for PII controllers and PII processors holding responsibility and accountability for PII processing.

This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which are PII controllers and/or PII processors processing PII within an ISMS.

Excluding any of the requirements specified in Clause 5 of this document is not acceptable when an organization claims conformity to this document.

Document History

ISO/IEC DIS 27552
December 26, 2018
Security techniques - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management - Requirements and guidelines
This document specifies requirements and provides guidance for establishing, implementing, maintaining and continually improving a Privacy Information Management System (PIMS) in the form of an...

References

This document references:
ISO 20899 - Water quality - Plutonium and neptunium - Test method using ICP-MS
Published by ISO on September 1, 2018
This document specifies methods used to determine the concentration of plutonium and neptunium isotopes in water by inductively coupled plasma mass spectrometry (ICP-MS) (239Pu, 240Pu, 241Pu and...
This document references:
ISO/IEC 27000 - Information technology - Security techniques - Information security management systems - Overview and vocabulary
Published by ISO on February 1, 2018
This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is...
This document references:
ISO/IEC 27001 - Information technology - Security techniques - Information security management systems - Requirements
Published by ISO on October 1, 2013
This International Standard specifies the requirements for establishing, implementing, maintain and continually improving an information security management system within the context of the...
This document references:
ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 2
Published by ISO on November 15, 2015
A description is not available for this item.
This document is referenced by:
ISO/IEC TR 22678 - Information technology - Cloud computing - Guidance for policy development
Published by ISO on January 1, 2019
This document provides guidance on the use of international standards as a tool in the development of those policies that govern or regulate cloud service providers (CSPs) and cloud services, and...
This document is referenced by:
TR 103 370 - Practical introductory guide to Technical Standards for Privacy
Published by ETSI on January 1, 2019
The present document gives a guide to the use of standards to assist in the management of privacy. The present document contains the following key elements: • Table 1 contains a collation of terms...
This document is referenced by:
BS PD ISO/IEC TR 22678 - Information technology — Cloud computing — Guidance for policy development
Published by BSI on January 31, 2019
A description is not available for this item.
This document is referenced by:
ISO/IEC 29184 - Information technology — Online privacy notices and consent
Published by ISO on June 1, 2020
This document specifies controls which shape the content and the structure of online privacy notices as well as the process of asking for consent to collect and process personally identifiable...
This document is referenced by:
ISO/IEC TR 27550 - Information technology — Security techniques — Privacy engineering for system life cycle processes
Published by ISO on September 1, 2019
This document provides privacy engineering guidelines that are intended to help organizations integrate recent advances in privacy engineering into system life cycle processes. It describes: — the...
View Less
View All
Advertisement