Abstract
ISO/IEC 29151:2017 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).
In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the requirements for processing PII that may be applicable within the context of an organization's information security risk environment(s).
ISO/IEC 29151:2017 is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII.
General information
-
Status: Under developmentStage: Close of comment period [30.60]
-
Edition: 2
-
Technical Committee :ISO/IEC JTC 1/SC 27
- RSS updates
Life cycle
-
Previously
PublishedISO/IEC 29151:2017
-
Now
Got a question?
Check out our FAQs
Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)