ISO/IEC DIS 27561
(Main)Information security, cybersecurity and privacy protection — Privacy operationalisation model and method for engineering (POMME)
Information security, cybersecurity and privacy protection — Privacy operationalisation model and method for engineering (POMME)
This document describes a model and method to operationalize ISO/IEC 29100 privacy principles into sets of controls and functional capabilities. The method is described as a process following ISO/IEC/IEEE It is designed for use with other standards and privacy It supports networked, interdependent applications and This document is intended for engineers and other practitioners developing systems controlling or processing PII.
Titre manque
General Information
Standards Content (Sample)
International
Standard
ISO/IEC 27561
First edition
Information security, cybersecurity
2024-03
and privacy protection — Privacy
operationalisation model and
method for engineering (POMME)
Sécurité de l’information, cybersécurité et protection de la
vie privée — Méthode et modèle d'opérationnalisation de la
confidentialité pour l'ingénierie (POMME)
Reference number
ISO/IEC 27561:2024(en) © ISO/IEC 2024
---------------------- Page: 1 ----------------------
ISO/IEC 27561:2024(en)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
© ISO/IEC 2024 – All rights reserved
ii
---------------------- Page: 2 ----------------------
ISO/IEC 27561:2024(en)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviated terms. 7
5 Context of privacy operationalization . 7
5.1 General .7
5.2 Privacy engineering viewpoint.7
5.3 Privacy engineering operationalization model .8
5.4 Privacy engineering operationalization method .8
5.5 POMME processes overview .8
5.6 Privacy and security .9
6 Initial information inventory process . 10
6.1 Purpose .10
6.2 Outcomes .10
6.3 Define and describe the TOA .10
6.4 Participant and information source identification .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.