ISO/IEC 27701:2019: An introduction to privacy information management
1st Edition
Published on 30. January 2020
50 pages
978-1-78778-200-6 (ISBN)
Description
An ideal primer for anyone implementing a PIMS based on ISO/IEC 27701
ISO/IEC 27701:2019 is a privacy extension to the international information security management standard, ISO/IEC 27001. It has been designed to integrate with ISO 27001 to extend an existing ISMS (information security management system) with additional requirements, enabling an organisation to establish, implement, maintain and continually improve its PIMS.
ISO 27701 provides guidance on the protection of privacy, including how organisations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR (General Data Protection Regulation).
ISO/IEC 27701:2019: An introduction to privacy information management offers a concise introduction to the Standard, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved. It is intended for:
Individuals looking for general information about privacy information management; and
Organisations implementing, or considering improving, a PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
What privacy information management means;
How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
Key areas of investment for a business-focused PIMS; and
How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
This guide will prove useful throughout a number of stages in any privacy information management project - buy your copy today!
ISO/IEC 27701:2019 is a privacy extension to the international information security management standard, ISO/IEC 27001. It has been designed to integrate with ISO 27001 to extend an existing ISMS (information security management system) with additional requirements, enabling an organisation to establish, implement, maintain and continually improve its PIMS.
ISO 27701 provides guidance on the protection of privacy, including how organisations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR (General Data Protection Regulation).
ISO/IEC 27701:2019: An introduction to privacy information management offers a concise introduction to the Standard, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved. It is intended for:
Individuals looking for general information about privacy information management; and
Organisations implementing, or considering improving, a PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
What privacy information management means;
How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
Key areas of investment for a business-focused PIMS; and
How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
This guide will prove useful throughout a number of stages in any privacy information management project - buy your copy today!
More details
Language
English
Place of publication
Ely
United Kingdom
Target group
Professional and scholarly
US School Grade: College Graduate Student
File size
0,57 MB
ISBN-13
978-1-78778-200-6 (9781787782006)
Copyright in bibliographic data and cover images is held by Nielsen Book Services Limited or by the publishers or by their respective licensors: all rights reserved.
Schweitzer Classification
Other editions
Additional editions
Alan Shipman | Steve Watkins
ISO/IEC 27701:2019: An introduction to privacy information management
2019: An introduction to privacy information management
Book
01/2020
IT Governance Publishing
€17.10
Article exhausted; check different version
Alan Shipman | Steve Watkins
ISO/IEC 27701:2019: An introduction to privacy information management
E-Book
01/2020
1st Edition
IT Governance Publishing
€11.49
Available for download
Persons
Alan Shipman is the managing director of Group 5 Training Limited. He was the project editor for ISO/IEC 27701:2019 and is also the chair of IST/33/5, which is responsible for the UK's contributions to the work of ISO/IEC JTC1/SC27/WG5 which deals with identity management and privacy technologies.
Alan has over 30 years' experience of managing personal information, both as a data processor for a service organisation and as a data controller. He is a regular speaker at conferences, covering all aspects of information management. Alan has been involved in the development of BS 10008 throughout its life (first published as guidance in 1996), which deals with the management of electronic information of all types, including the conversion of paper-based information to electronic forms. His experience includes advising organisations in both the public and private sector on the implementation of BS 10008.
Steve Watkins is a Director of Kinsnall Consulting Ltd, providing board-level advice on cyber security and related standards.
Steve is an active member of SC 27, the international committee responsible for cyber security, information security and privacy protection standards, including the ISO 27001 family. He chairs the UK national committee (IST 33) that mirrors SC 27, and is the Chair of the UK ISO/IEC 27001 User Group.
He is also a contracted ISMS and ITSMS Technical Assessor for UKAS, supporting the assessment of certification bodies offering accredited certification to ISO/IEC 27001 and ISO/IEC 20000-1.
Alan has over 30 years' experience of managing personal information, both as a data processor for a service organisation and as a data controller. He is a regular speaker at conferences, covering all aspects of information management. Alan has been involved in the development of BS 10008 throughout its life (first published as guidance in 1996), which deals with the management of electronic information of all types, including the conversion of paper-based information to electronic forms. His experience includes advising organisations in both the public and private sector on the implementation of BS 10008.
Steve Watkins is a Director of Kinsnall Consulting Ltd, providing board-level advice on cyber security and related standards.
Steve is an active member of SC 27, the international committee responsible for cyber security, information security and privacy protection standards, including the ISO 27001 family. He chairs the UK national committee (IST 33) that mirrors SC 27, and is the Chair of the UK ISO/IEC 27001 User Group.
He is also a contracted ISMS and ITSMS Technical Assessor for UKAS, supporting the assessment of certification bodies offering accredited certification to ISO/IEC 27001 and ISO/IEC 20000-1.
Content
Introduction
Chapter 1: What is privacy information management?
Chapter 2: What needs to be considered?
Chapter 3: ISO/IEC 27701 and the privacy information management system requirements
Chapter 4: Legal, regulatory and contractual requirements and business risk
Chapter 5: Privacy information management controls
Chapter 6: Certification
Chapter 7: Terms and definitions
Chapter 1: What is privacy information management?
Chapter 2: What needs to be considered?
Chapter 3: ISO/IEC 27701 and the privacy information management system requirements
Chapter 4: Legal, regulatory and contractual requirements and business risk
Chapter 5: Privacy information management controls
Chapter 6: Certification
Chapter 7: Terms and definitions
