Abstract

ISO/IEC 29151:2017 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).

In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the requirements for processing PII that may be applicable within the context of an organization's information security risk environment(s).

ISO/IEC 29151 is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII.

Begin

2024-05-21

WI

JT013080

Planned document number

DIN EN ISO/IEC 29151

Project number

04301139

Responsible national committee

NA 043-04-13 GA - DIN/DKE Joint working committee Cybersecurity  

Responsible european committee

CEN/CLC/JTC 13 - Cybersecurity and Data Protection  

Responsible international committee

ISO/IEC JTC 1/SC 27/WG 5 - Identity management and privacy technologies  

previous edition(s)

Information technology - Security techniques - Code of practice for personally identifiable information protection (ISO/IEC 29151:2017); German version EN ISO/IEC 29151:2022
2022-07

Order from DIN Media