ISO/IEC CD 27552:2018 Security techniques. Extension to ISO/IEC 27001 and to ISO/IEC 27002 for privacy management. Requirements and guidelines


ISO/IEC 2nd CD 27552:2018

Security techniques. Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management. Requirements and guidelines

Status : Current   Published : June 2018

Format : PDF



* This is the second committee draft of ISO/IEC 27552

What is this standard about?

Almost every organization processes Personally Identifiable Information (PII), and many increasingly need to cooperate with other organizations on PII processing. In addition, privacy protection in the context of PII processing has become a societal need, as well as the topic of dedicated laws and regulations all over the world.

This document therefore specifies requirements for a Privacy Information Management System (PIMS) that will add PII protection to an organization’s existing ISO/IEC 27001-defined information security management system (ISMS).

Who is this standard for?

All organizations which process PII, and within them, specifically:

  • PII controllers (including those who are joint PII controllers)
  • PII processors (including those using sub-contracted PII processors) 

Why should you use this standard? 

This document defines requirements additional to those found in the information security management system standard BS EN ISO/IEC 27001 which specifically protect Personally Identifiable Information (PII).  

Organizations that comply with this document will generate documentary evidence of how they handle the processing of PII.  Such evidence can be used to facilitate agreements with business partners where the processing of PII is mutually relevant. This might also assist in relationships with other stakeholders. 

NOTE: The use of this standard in conjunction with ISO/IEC 27001 can, if desired, provide independent verification of this evidence, although compliance with this document cannot be taken as compliance with laws and regulations.

* This document is not an ISO International Standard. It is distributed for review and comment. It is subject to change without notice and may not be referred to as an International Standard. This document defines these additional requirements and guidance for the protection of PII, enabling an organization's management system to be extended to cover both the general requirements for information security (an Information Security Management System (ISMS)) and the more specific requirements for PII protection (a Privacy Information Management System (PIMS)). These additional requirements and guidance are written in such a way that they are practically usable for PII protection by organizations of all sizes and cultural environments.




Standard Number : ISO/IEC 2nd CD 27552:2018
Title : Security techniques. Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management. Requirements and guidelines
Status : Current
Publication Date : 12 June 2018
Draft Superseded By : ISO/IEC DIS 27552
ICS : 35.030
Committee : IST/33/5
Publisher : ISO
Format : A4
Delivery : Yes
Pages : 75
File Size : 0.999 MB
Price : £20.00

