Search

This document establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. In particular, this document specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the…

This document establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment. In particular, this document specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the…

1 Scope This International Standard defines a privacy architecture framework that: — specifies concerns for ICT systems that process PII; — lists components for the implementation of such systems; and — provides architectural views contextualizing these components. This International Standard is applicable to entities involved in specifying, procuring, architecting, designing, testing,…

1 Scope This International Standard provides organizations with high-level guidance about how to assess their capability to manage privacy-related processes. In particular, it — specifies steps in assessing processes to determine privacy capability, — specifies a set of levels for privacy capability assessment, — provides guidance on the key process areas against which privacy capability…

This document defines a privacy architecture framework that: — specifies concerns for ICT systems that process PII; — lists components for the implementation of such systems; and — provides architectural views contextualizing these components. This document is applicable to entities involved in specifying, procuring, architecting, designing, testing, maintaining,…

This document defines a privacy architecture framework that: — specifies concerns for ICT systems that process PII; — lists components for the implementation of such systems; and — provides architectural views contextualizing these components. This document is applicable to entities involved in specifying, procuring, architecting, designing, testing, maintaining,…

This document provides a description of privacy-enhancing data de-identification techniques, to be used to describe and design de-identification measures in accordance with the privacy principles in ISO/IEC 29100. In particular, this document specifies terminology, a classification of de-identification techniques according to their characteristics, and their applicability for reducing the risk of…

This document provides a description of privacy-enhancing data de-identification techniques, to be used to describe and design de-identification measures in accordance with the privacy principles in ISO/IEC 29100. In particular, this document specifies terminology, a classification of de-identification techniques according to their characteristics, and their applicability for reducing the risk of…

Artificial intelligence (AI) is continuously making inroads into domains previously reserved to humans. Robots support workers in the manufacturing sector; digital assistants automate office tasks; intelligent appliances order food based on owners’ preferences or control lighting and temperature in the home in preparation of their arrival. Increasingly sophisticated algorithms have the potential…

This document provides guidance for: — selecting and specifying security functional requirements (SFRs) from ISO/IEC 15408-2 to protect Personally Identifiable Information (PII); — the procedure to define both privacy and security functional requirements in a coordinated manner; and — developing privacy functional requirements as extended components based on the privacy…