ISO/IEC DIS 27006-2
Requirements for bodies providing audit and certification of information security management systems — Part 2: Privacy information management systems
| Organization: | ISO |
| Publication Date: | 18 July 2023 |
| Status: | pending |
| Page Count: | 24 |
| ICS Code (Product and company certification. Conformity assessment): | 03.120.20 |
| ICS Code (IT Security): | 35.030 |
scope:
This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006-1.
The requirements contained in this document are demonstrated in terms of competence and reliability by bodies providing PIMS certification. The guidance contained in this document provides additional interpretation of these requirements for bodies providing PIMS certification.
NOTE This document can be used as a criteria document for accreditation, peer assessment or other audit processes.
[Editors' note: The text of this revised edition of ISO/IEC 27006-2 (including its scope) will be kept under review by ISO/CASCO throughout the project life-cycle. All comments and feedback from CASCO and its members will be discussed and resolved at WG 5 meetings. Also please note that the scope is consistent with ISO/IEC 27006:2015 and the consistency with the revision of ISO/IEC 27006 (i.e. 27006-1) will be kept during the revision of ISO/IEC 27006-2.]
Document History
