Information technology - Security techniques - Code of practice for personally identifiable information protection
ISO/IEC 29151:2017 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).
In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the requirements for processing PII that may be applicable within the context of an organization's information security risk environment(s).
ISO/IEC 29151:2017 is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII.
|Get this standard||Prices exclude GST|
|PDF ( Single user document)||
Keep me up-to-dateSign up to receive updates when there are changes to this standard
Information technology. Systems trustworthiness, Governance and management specification
Information security management systems, Guidelines for information security risk management
Design and operation of online user identification systems. Code of practice
BS EN 16495:2019
Air Traffic Management. Information security for organisations supporting civil aviation operations