ISO/IEC DIS 29151

Information security, cybersecurity and privacy protection – Controls and guidance for personally identifiable information protection ISO/IEC DIS 29151

General information

40.20 DIS ballot initiated: 12 weeks   Dec 17, 2024

ISO/IEC

ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

International Standard

35.030   IT Security

Scope

ISO/IEC 29151:2017 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).
In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the requirements for processing PII that may be applicable within the context of an organization's information security risk environment(s).
ISO/IEC 29151:2017 is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII.

Life cycle

PREVIOUSLY

PUBLISHED
ISO/IEC 29151:2017

NOW

IN_DEVELOPMENT
ISO/IEC DIS 29151
40.20 DIS ballot initiated: 12 weeks
Dec 17, 2024