ISO/IEC 27701:2019: An introduction to privacy information management
4.5/5
()
About this ebook
ISO/IEC 27701:2019 is a privacy extension to the international information security management standard, ISO/IEC 27001. It has been designed to integrate with ISO 27001 to extend an existing ISMS (information security management system) with additional requirements, enabling an organisation to establish, implement, maintain and continually improve its PIMS.
ISO 27701 provides guidance on the protection of privacy, including how organisations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR (General Data Protection Regulation).
ISO/IEC 27701:2019: An introduction to privacy information management offers a concise introduction to the Standard, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved. It is intended for:
- Individuals looking for general information about privacy information management; and
- Organisations implementing, or considering improving, a PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
- What privacy information management means;
- How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
- Key areas of investment for a business-focused PIMS; and
- How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
Alan Shipman
Alan Shipman is the managing director of Group 5 Training Limited. He was the project editor for ISO/IEC 27701:2019 and is also the chair of IST/33/5, which is responsible for the UK's contributions to the work of ISO/IEC JTC1/SC27/WG5 which deals with identity management and privacy technologies. Alan has over 30 years’ experience of managing personal information, both as a data processor for a service organisation and as a data controller. He is a regular speaker at conferences, covering all aspects of information management. Alan has been involved in the development of BS 10008 throughout its life (first published as guidance in 1996), which deals with the management of electronic information of all types, including the conversion of paper-based information to electronic forms. His experience includes advising organisations in both the public and private sector on the implementation of BS 10008.
Read more from Alan Shipman
Knowledge Monopolies: The Academisation of Society Rating: 4 out of 5 stars4/5Wynne Godley: A Biography Rating: 0 out of 5 stars0 ratingsThe New Power Elite: Inequality, Politics and Greed Rating: 0 out of 5 stars0 ratings
Related to ISO/IEC 27701:2019
Related ebooks
ISO 27001 Annex A Controls in Plain English: A Step-by-Step Handbook for Information Security Practitioners in Small Businesses Rating: 0 out of 5 stars0 ratingsData Protection and Compliance: Second edition Rating: 0 out of 5 stars0 ratingsIntro to GDPR: A Plain English Guide to Compliance Rating: 0 out of 5 stars0 ratingsISO27001/ISO27002:2013: A Pocket Guide Rating: 4 out of 5 stars4/5Application security in the ISO27001:2013 Environment Rating: 4 out of 5 stars4/5The Case for ISO27001:2013 Rating: 1 out of 5 stars1/5Information Security Risk Management for ISO27001/ISO27002 Rating: 4 out of 5 stars4/5The EU Data Protection Code of Conduct for Cloud Service Providers: A guide to compliance Rating: 0 out of 5 stars0 ratingsData Protection and the Cloud: Are the risks too great? Rating: 4 out of 5 stars4/5Information Security Risk Management for ISO 27001/ISO 27002, third edition Rating: 4 out of 5 stars4/5ISO 27001 Controls – A guide to implementing and auditing Rating: 5 out of 5 stars5/5Data Protection Officer Rating: 3 out of 5 stars3/5ISO27001:2013 Assessments Without Tears Rating: 3 out of 5 stars3/5Managing Information Security Breaches: Studies from real life Rating: 0 out of 5 stars0 ratingsFundamentals of Information Security Risk Management Auditing: An introduction for managers and auditors Rating: 5 out of 5 stars5/5IAPP CIPM Certified Information Privacy Manager Study Guide Rating: 0 out of 5 stars0 ratingsNine Steps to Success: An ISO27001:2013 Implementation Overview Rating: 3 out of 5 stars3/5An Introduction to Information Security and ISO27001:2013: A Pocket Guide Rating: 4 out of 5 stars4/5Governance and Internal Controls for Cutting Edge IT Rating: 0 out of 5 stars0 ratingsInformation Security Governance: A Practical Development and Implementation Approach Rating: 0 out of 5 stars0 ratingsThe Basics of IT Audit: Purposes, Processes, and Practical Information Rating: 4 out of 5 stars4/5Information Security Breaches: Avoidance and Treatment based on ISO27001 Rating: 0 out of 5 stars0 ratingsData Privacy: A runbook for engineers Rating: 0 out of 5 stars0 ratingsInformation Security for Small and Midsized Businesses Rating: 0 out of 5 stars0 ratingsThe Psychology of Information Security: Resolving conflicts between security compliance and human behaviour Rating: 5 out of 5 stars5/5Build a Security Culture Rating: 0 out of 5 stars0 ratingsISO/IEC 38500: The IT Governance Standard Rating: 5 out of 5 stars5/5Risk Management and ISO 31000: A pocket guide Rating: 0 out of 5 stars0 ratings
Computer & Internet Law For You
Website Law: The Legal Guide for Website Owners and Bloggers Rating: 5 out of 5 stars5/5Legal Guide to Social Media, Second Edition: Rights and Risks for Businesses, Entrepreneurs, and Influencers Rating: 5 out of 5 stars5/5The Snowden Reader Rating: 0 out of 5 stars0 ratingsDigital Earth: Cyber threats, privacy and ethics in an age of paranoia Rating: 0 out of 5 stars0 ratingsSEO for Beginners: For Beginners Rating: 0 out of 5 stars0 ratingsThe Twenty-Six Words That Created the Internet Rating: 4 out of 5 stars4/5Cybersecurity Essentials: The Beginner's Guide Rating: 5 out of 5 stars5/5Legal Guide to Social Media: Rights and Risks for Businesses and Entrepreneurs Rating: 0 out of 5 stars0 ratingsThe Ransomware Threat Landscape: Prepare for, recognise and survive ransomware attacks Rating: 0 out of 5 stars0 ratingsThe United States of Anonymous: How the First Amendment Shaped Online Speech Rating: 4 out of 5 stars4/5Mastering ChatGPT: Business Uses: Podcasts in Print Rating: 2 out of 5 stars2/5Token Economy: How the Web3 reinvents the Internet Rating: 4 out of 5 stars4/5EU General Data Protection Regulation (GDPR) – An implementation and compliance guide, fourth edition Rating: 0 out of 5 stars0 ratingsInternet Governance: The NETmundial Roadmap Rating: 0 out of 5 stars0 ratingsEU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide Rating: 5 out of 5 stars5/5iOS Programming: Starter Guide: What Every Programmer Needs to Know About iOS Programming Rating: 2 out of 5 stars2/5EU GDPR – An international guide to compliance Rating: 0 out of 5 stars0 ratingsA Practical Guide to IT Law Rating: 0 out of 5 stars0 ratingsEU GDPR - A pocket guide, second edition Rating: 0 out of 5 stars0 ratingsThe Art of Cyber Security: A practical guide to winning the war on cyber crime Rating: 0 out of 5 stars0 ratingsRutgers Computer & Technology Law Journal: Volume 41, Number 1 - 2015 Rating: 0 out of 5 stars0 ratingsDelete: The Virtue of Forgetting in the Digital Age Rating: 4 out of 5 stars4/5The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks Rating: 0 out of 5 stars0 ratingsAugmented Reality Law, Privacy, and Ethics: Law, Society, and Emerging AR Technologies Rating: 0 out of 5 stars0 ratingsData Protection and the Cloud: Are the risks too great? Rating: 4 out of 5 stars4/5EU General Data Protection Regulation (GDPR), third edition: An Implementation and Compliance Guide Rating: 0 out of 5 stars0 ratingsThe ChatGPT Millionaire Hack: Making Money Online has never been this EASY Rating: 0 out of 5 stars0 ratingsNetwork neutrality: From policy to law to regulation Rating: 0 out of 5 stars0 ratingsInternet Book Piracy: The Fight to Protect Authors, Publishers, and Our Culture Rating: 1 out of 5 stars1/5Industry of Anonymity: Inside the Business of Cybercrime Rating: 2 out of 5 stars2/5
Reviews for ISO/IEC 27701:2019
3 ratings0 reviews
Book preview
ISO/IEC 27701:2019 - Alan Shipman
reading
INTRODUCTION
This pocket guide is a companion to An Introduction to Information Security and ISO 27001:2013: A Pocket Guide, written by Steve Watkins. One of the major requirements for the management of personal information is that the information is processed in a secure manner. Hence, information security is one of the major elements that needs consideration when developing or improving a privacy information management system (PIMS).
This pocket guide provides a concise introduction to such considerations, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved.
This pocket guide is intended for:
•Individuals looking for general information about a PIMS; and
•Organisations implementing, or considering improving, their PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
•What privacy information management means;
•How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
•Key areas of investment for a business-focused PIMS; and
•How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
This guide will prove useful at a number of stages in any privacy information management project, including:
•At the decision-making stage, to ensure that those committing to a privacy information management project do so from an informed position;
•At project initiation, as an introduction to privacy information management for the project board, project team members and those on the periphery of the project; and
•As part of an ongoing awareness campaign, being made available to all staff and to new starters as part of their introduction to the company.
A word of warning: this is not an implementation or ‘How to’ guide.
Implementing an ISO/IEC 27701-compliant PIMS requires more advice than can be covered in a pocket guide. A project of this nature is, in most cases, likely to equate to a significant business-change project, and will require all the project governance arrangements that suit such an