Rating: 4 out of 5 stars
4/5
Ebook64 pages44 minutes
ISO/IEC 27701:2019: An introduction to privacy information management
Rating: 4.5 out of 5 stars
4.5/5
()
About this ebook
An ideal primer for anyone implementing a PIMS based on ISO/IEC 27701
ISO/IEC 27701:2019 is a privacy extension to the international information security management standard, ISO/IEC 27001. It has been designed to integrate with ISO 27001 to extend an existing ISMS (information security management system) with additional requirements, enabling an organisation to establish, implement, maintain and continually improve its PIMS.
ISO 27701 provides guidance on the protection of privacy, including how organisations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR (General Data Protection Regulation).
ISO/IEC 27701:2019: An introduction to privacy information management offers a concise introduction to the Standard, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved. It is intended for:
- Individuals looking for general information about privacy information management; and
- Organisations implementing, or considering improving, a PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
- What privacy information management means;
- How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
- Key areas of investment for a business-focused PIMS; and
- How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
Author
Alan Shipman
Alan Shipman is the managing director of Group 5 Training Limited. He was the project editor for ISO/IEC 27701:2019 and is also the chair of IST/33/5, which is responsible for the UK's contributions to the work of ISO/IEC JTC1/SC27/WG5 which deals with identity management and privacy technologies. Alan has over 30 years’ experience of managing personal information, both as a data processor for a service organisation and as a data controller. He is a regular speaker at conferences, covering all aspects of information management. Alan has been involved in the development of BS 10008 throughout its life (first published as guidance in 1996), which deals with the management of electronic information of all types, including the conversion of paper-based information to electronic forms. His experience includes advising organisations in both the public and private sector on the implementation of BS 10008.
Read more from Alan Shipman
Knowledge Monopolies: The Academisation of Society Wynne Godley: A Biography Rating: 0 out of 5 stars0 ratingsThe New Power Elite: Inequality, Politics and Greed Rating: 0 out of 5 stars0 ratings
Related to ISO/IEC 27701:2019
Related ebooks
ISO 27001 Annex A Controls in Plain English: A Step-by-Step Handbook for Information Security Practitioners in Small Businesses Rating: 0 out of 5 stars0 ratingsData Protection and Compliance: Second edition Rating: 0 out of 5 stars0 ratingsIntro to GDPR: A Plain English Guide to Compliance Rating: 0 out of 5 stars0 ratingsISO27001/ISO27002:2013: A Pocket Guide Rating: 4 out of 5 stars4/5Application security in the ISO27001:2013 Environment Rating: 4 out of 5 stars4/5The Case for ISO27001:2013 Rating: 1 out of 5 stars1/5Information Security Risk Management for ISO27001/ISO27002 Rating: 4 out of 5 stars4/5The EU Data Protection Code of Conduct for Cloud Service Providers: A guide to compliance Rating: 0 out of 5 stars0 ratingsData Protection and the Cloud: Are the risks too great? Rating: 4 out of 5 stars4/5Information Security Risk Management for ISO 27001/ISO 27002, third edition Rating: 4 out of 5 stars4/5ISO 27001 Controls – A guide to implementing and auditing Rating: 5 out of 5 stars5/5Data Protection Officer Rating: 3 out of 5 stars3/5ISO27001:2013 Assessments Without Tears Rating: 3 out of 5 stars3/5Managing Information Security Breaches: Studies from real life Rating: 0 out of 5 stars0 ratingsFundamentals of Information Security Risk Management Auditing: An introduction for managers and auditors Rating: 5 out of 5 stars5/5IAPP CIPM Certified Information Privacy Manager Study Guide Rating: 0 out of 5 stars0 ratingsNine Steps to Success: An ISO27001:2013 Implementation Overview Rating: 3 out of 5 stars3/5An Introduction to Information Security and ISO27001:2013: A Pocket Guide Rating: 4 out of 5 stars4/5Governance and Internal Controls for Cutting Edge IT Rating: 0 out of 5 stars0 ratingsInformation Security Governance: A Practical Development and Implementation Approach Rating: 0 out of 5 stars0 ratingsThe Basics of IT Audit: Purposes, Processes, and Practical Information Rating: 4 out of 5 stars4/5Information Security Breaches: Avoidance and Treatment based on ISO27001 Rating: 0 out of 5 stars0 ratingsData Privacy: A runbook for engineers Rating: 0 out of 5 stars0 ratingsInformation Security for Small and Midsized Businesses Rating: 0 out of 5 stars0 ratingsThe Psychology of Information Security: Resolving conflicts between security compliance and human behaviour Rating: 5 out of 5 stars5/5Build a Security Culture Rating: 0 out of 5 stars0 ratingsISO/IEC 38500: The IT Governance Standard Rating: 5 out of 5 stars5/5Risk Management and ISO 31000: A pocket guide Rating: 0 out of 5 stars0 ratings
Computer & Internet Law For You
Website Law: The Legal Guide for Website Owners and Bloggers Rating: 5 out of 5 stars5/5Legal Guide to Social Media, Second Edition: Rights and Risks for Businesses, Entrepreneurs, and Influencers Rating: 5 out of 5 stars5/5The Snowden Reader Rating: 0 out of 5 stars0 ratingsDigital Earth: Cyber threats, privacy and ethics in an age of paranoia Rating: 0 out of 5 stars0 ratingsSEO for Beginners: For Beginners Rating: 0 out of 5 stars0 ratingsThe Twenty-Six Words That Created the Internet Rating: 4 out of 5 stars4/5Cybersecurity Essentials: The Beginner's Guide Rating: 5 out of 5 stars5/5Legal Guide to Social Media: Rights and Risks for Businesses and Entrepreneurs Rating: 0 out of 5 stars0 ratingsThe Ransomware Threat Landscape: Prepare for, recognise and survive ransomware attacks Rating: 0 out of 5 stars0 ratingsThe United States of Anonymous: How the First Amendment Shaped Online Speech Rating: 4 out of 5 stars4/5Mastering ChatGPT: Business Uses: Podcasts in Print Rating: 2 out of 5 stars2/5Token Economy: How the Web3 reinvents the Internet Rating: 4 out of 5 stars4/5EU General Data Protection Regulation (GDPR) – An implementation and compliance guide, fourth edition Rating: 0 out of 5 stars0 ratingsInternet Governance: The NETmundial Roadmap Rating: 0 out of 5 stars0 ratingsEU General Data Protection Regulation (GDPR): An Implementation and Compliance Guide Rating: 5 out of 5 stars5/5iOS Programming: Starter Guide: What Every Programmer Needs to Know About iOS Programming Rating: 2 out of 5 stars2/5EU GDPR – An international guide to compliance Rating: 0 out of 5 stars0 ratingsA Practical Guide to IT Law Rating: 0 out of 5 stars0 ratingsEU GDPR - A pocket guide, second edition Rating: 0 out of 5 stars0 ratingsThe Art of Cyber Security: A practical guide to winning the war on cyber crime Rating: 0 out of 5 stars0 ratingsRutgers Computer & Technology Law Journal: Volume 41, Number 1 - 2015 Rating: 0 out of 5 stars0 ratingsDelete: The Virtue of Forgetting in the Digital Age Rating: 4 out of 5 stars4/5The Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks Rating: 0 out of 5 stars0 ratingsAugmented Reality Law, Privacy, and Ethics: Law, Society, and Emerging AR Technologies Rating: 0 out of 5 stars0 ratingsData Protection and the Cloud: Are the risks too great? Rating: 4 out of 5 stars4/5EU General Data Protection Regulation (GDPR), third edition: An Implementation and Compliance Guide Rating: 0 out of 5 stars0 ratingsThe ChatGPT Millionaire Hack: Making Money Online has never been this EASY Rating: 0 out of 5 stars0 ratingsNetwork neutrality: From policy to law to regulation Rating: 0 out of 5 stars0 ratingsInternet Book Piracy: The Fight to Protect Authors, Publishers, and Our Culture Rating: 1 out of 5 stars1/5Industry of Anonymity: Inside the Business of Cybercrime Rating: 2 out of 5 stars2/5
Related podcast episodes
The Foolproof Way To Pass The CIPPE Exam In 2 Weeks 0% found this document usefulCyberWire Pro Interview Selects: Jaclyn Miller from NTT, Ltd. 0% found this document useful083: SMS Pt 4 - What Does ISO 45001 Require?: Safety Management System overview 0% found this document usefulData protection principles: 7 principles that are critical to driving growth 0% found this document useful#63 Epiq's Information Security Journey: With guest Dinesh Sharma 0% found this document usefulNeed to know: Data Privacy vs. Public Health: COVID-19 Subseries 0% found this document usefulHow to A.V.O.I.D. Malpractice Claims! 0% found this document usefulSpecialist Topic - GDPR Made Simple With Kim Bradford 0% found this document useful119: COVID-19 Workplace Perception Survey Results: What employers can do to improve safety perception 0% found this document useful060: 4 Ways to Use Data to Improve Your Safety Culture: How a Digital Safety Dashboard Can Help You 0% found this document usefulPreventing Workplace Hazards Through Design 0% found this document usefulImproving Safety and Security in Your Community 0% found this document useful#59 What is ISO 27701?: With guest Steve Mason 0% found this document useful
Related articles
Data Compliance Checklist MarketingArticle
Data Compliance Checklist
May 15, 2019
People had a lot to say about Google’s January AU$80 million fine for breaching the General Data Protection Regulation (GDPR) – and rightly so. It was the first time a tech giant suffered a financial penalty under the GDPR. The fine served as a signa
3 min readThe Global Data War Heats Up The AtlanticArticle
The Global Data War Heats Up
Jun 26, 2019
5 min readCyber Security IS A SHARED RESPONSIBILITY AT THE C-LEVEL Inc.Article
Cyber Security IS A SHARED RESPONSIBILITY AT THE C-LEVEL
Sep 21, 2016
Data breaches can have far-reaching repercussions; protecting against them is a companywide mandate
2 min readHow to Protect Your Small Business Against a Cyber Attack EntrepreneurArticle
How to Protect Your Small Business Against a Cyber Attack
Feb 1, 2013
8 min read“How Do You Launch A Product Without Alienating Or Damaging Your Customers?” PC Pro MagazineArticle
“How Do You Launch A Product Without Alienating Or Damaging Your Customers?”
Feb 10, 2022
6 min readDiagnosis: We Have Pii And Ip… Now What? The European Business ReviewArticle
Diagnosis: We Have Pii And Ip… Now What?
Oct 2, 2023
5 min readWhy Leaders Need To Take A Risk-based Approach To Data Security NZBusiness and ManagementArticle
Why Leaders Need To Take A Risk-based Approach To Data Security
Jul 21, 2021
5 min readFive Easy Privacy Mistakes Leaders Make NZBusiness and ManagementArticle
Five Easy Privacy Mistakes Leaders Make
Apr 18, 2023
2 min readRaising The Ethical Bar Ethical Audits And Positive Culture Transformation The European Business ReviewArticle
Raising The Ethical Bar Ethical Audits And Positive Culture Transformation
Jan 25, 2021
10 min readHow To Keep Data Safe MoneyWeekArticle
How To Keep Data Safe
Feb 3, 2023
2 min readCybersecurity Made Simple: Taming The Password The European Business ReviewArticle
Cybersecurity Made Simple: Taming The Password
Mar 1, 2022
8 min readApp To Support Employees In Speaking Up NZBusiness and ManagementArticle
App To Support Employees In Speaking Up
Aug 28, 2019
2 min readThe Forgotten Part Of Health And Safety NZBusiness and ManagementArticle
The Forgotten Part Of Health And Safety
Apr 22, 2020
2 min read“When Someone Asks Me To Prepare A Privacy Notice, I Find It Hard To Meet Their Expectations” PC Pro MagazineArticle
“When Someone Asks Me To Prepare A Privacy Notice, I Find It Hard To Meet Their Expectations”
Mar 7, 2024
6 min readWhy We Adopt And Then Ditch Online Security Tips FuturityArticle
Why We Adopt And Then Ditch Online Security Tips
Apr 29, 2020
2 min readPrivacy: The Price Of Trust Inc.Article
Privacy: The Price Of Trust
Aug 17, 2021
How will cybersecurity and data privacy evolve over the next decade? We’re hearing from our customers that cybersecurity and data privacy are increasingly becoming board-level conversations. Companies will start to think about privacy, security, vend
1 min readIntelligence Analysis PRIVATE GAME WILDLIFE RANCHINGArticle
Intelligence Analysis
Jun 13, 2018
3 min readHow Do You Know You Are Okay? NZBusiness and ManagementArticle
How Do You Know You Are Okay?
May 27, 2019
2 min readData Protection: Lightening The Load Of Compliance The European Business ReviewArticle
Data Protection: Lightening The Load Of Compliance
Sep 25, 2021
7 min readThe Great Trade-off: Balancing Privacy And Trust In Marketing In The Digital Age NZ MarketingArticle
The Great Trade-off: Balancing Privacy And Trust In Marketing In The Digital Age
Jun 22, 2023
From May 8-12, our Privacy Week 2023 event delved into the ever-pressing question of how to strike a balance between privacy, consumer trust, and the world of marketing. Collaborating with the Office of the Privacy Commissioner, the Marketing Associa
3 min readMarketers: Stop Being A Privacy Liability MarketingArticle
Marketers: Stop Being A Privacy Liability
Jun 6, 2018
Trustworthiness begets a positive customer experience. As a marketer, you intuitively know that having a trustworthy brand is important. Consumers today are also increasingly aware of the value of their personal data. As a result, brands can no longe
2 min readWhat Does It Take To Win In A DATA-RICH WORLD? NZBusiness and ManagementArticle
What Does It Take To Win In A DATA-RICH WORLD?
Jan 16, 2020
3 min readSearching For Privacy NZ MarketingArticle
Searching For Privacy
Dec 8, 2021
6 min readCollaborating For The Future Facility ManagementArticle
Collaborating For The Future
Oct 14, 2019
Data has never been as readily available as it is today. However, while it provides tremendous opportunities, most people struggle to transform data into useful information and retain any of this information as knowledge. That’s why I understand that
4 min readWhistleblowers: What You Need To Know NZBusiness and ManagementArticle
Whistleblowers: What You Need To Know
Apr 20, 2022
The term ‘whistleblowing’ often conjures up thoughts of major newsworthy scandal, but in reality, it applies whenever an employee considers there has been serious wrongdoing in or by an organisation. The Protected Disclosures Act 2000 (“the Act”) off
3 min readSharing Information With Complainants NZBusiness and ManagementArticle
Sharing Information With Complainants
Apr 22, 2020
3 min readIs Your Team Ready For Mandatory Privacy Breach Notifications? NZBusiness and ManagementArticle
Is Your Team Ready For Mandatory Privacy Breach Notifications?
Jan 21, 2021
4 min readWhat Should Businesses Be Doing To Prepare For Privacy Breaches? NZBusiness and ManagementArticle
What Should Businesses Be Doing To Prepare For Privacy Breaches?
Jan 21, 2021
Ideally, privacy breaches would not occur and no notifications would need to be made. However, breaches are increasingly becoming a reality for New Zealand businesses. With that in mind, to ensure that privacy breach notifications can be managed in a
1 min readWhy Is Data Protection Important To Small Businesses Parents in BizArticle
Why Is Data Protection Important To Small Businesses
Jan 24, 2022
3 min readWhy Forgiveness Should Be Part Of Your Compliance Strategy The European Business ReviewArticle
Why Forgiveness Should Be Part Of Your Compliance Strategy
May 22, 2018
9 min read
Reviews for ISO/IEC 27701:2019
Rating: 4.333333333333333 out of 5 stars
4.5/5
3 ratings0 reviews
Book preview
ISO/IEC 27701:2019 - Alan Shipman
reading
INTRODUCTION
This pocket guide is a companion to An Introduction to Information Security and ISO 27001:2013: A Pocket Guide, written by Steve Watkins. One of the major requirements for the management of personal information is that the information is processed in a secure manner. Hence, information security is one of the major elements that needs consideration when developing or improving a privacy information management system (PIMS).
This pocket guide provides a concise introduction to such considerations, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved.
This pocket guide is intended for:
•Individuals looking for general information about a PIMS; and
•Organisations implementing, or considering improving, their PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
•What privacy information management means;
•How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
•Key areas of investment for a business-focused PIMS; and
•How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
This guide will prove useful at a number of stages in any privacy information management project, including:
•At the decision-making stage, to ensure that those committing to a privacy information management project do so from an informed position;
•At project initiation, as an introduction to privacy information management for the project board, project team members and those on the periphery of the project; and
•As part of an ongoing awareness campaign, being made available to all staff and to new starters as part of their introduction to the company.
A word of warning: this is not an implementation or ‘How to’ guide.
Implementing an ISO/IEC 27701-compliant PIMS requires more advice than can be covered in a pocket guide. A project of this nature is, in most cases, likely to equate to a significant business-change project, and will require all the project governance arrangements that suit such an
Enjoying the preview?
Page 1 of 1