ISO/IEC 27701:2019: An introduction to privacy information management
About this ebook
ISO/IEC 27701:2019 is a privacy extension to the international information security management standard, ISO/IEC 27001. It has been designed to integrate with ISO 27001 to extend an existing ISMS (information security management system) with additional requirements, enabling an organisation to establish, implement, maintain and continually improve its PIMS.
ISO 27701 provides guidance on the protection of privacy, including how organisations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR (General Data Protection Regulation).
ISO/IEC 27701:2019: An introduction to privacy information management offers a concise introduction to the Standard, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved. It is intended for:
- Individuals looking for general information about privacy information management; and
- Organisations implementing, or considering improving, a PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
- What privacy information management means;
- How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
- Key areas of investment for a business-focused PIMS; and
- How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
Alan Shipman
Alan Shipman is the managing director of Group 5 Training Limited. He was the project editor for ISO/IEC 27701:2019 and is also the chair of IST/33/5, which is responsible for the UK's contributions to the work of ISO/IEC JTC1/SC27/WG5, which deals with identity management and privacy technologies. Alan has over 30 years’ experience of managing personal information, both as a data processor for a service organisation and as a data controller. He is a regular speaker at conferences, covering all aspects of information management. Alan has been involved throughout its life in the development of BS 10008 (first published as guidance in 1996), which deals with the management of electronic information of all types, including the conversion of paper-based information to electronic forms. His experience includes advising organisations in both the public and private sectors on the implementation of BS 10008.
Book preview
ISO/IEC 27701:2019 - Alan Shipman
INTRODUCTION
This pocket guide is a companion to An Introduction to Information Security and ISO 27001:2013: A Pocket Guide, written by Steve Watkins. One of the major requirements for the management of personal information is that the information is processed in a secure manner. Hence, information security is one of the major elements that needs consideration when developing or improving a privacy information management system (PIMS).
This pocket guide provides a concise introduction to such considerations, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved.
This pocket guide is intended for:
- Individuals looking for general information about a PIMS; and
- Organisations implementing, or considering improving, their PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
- What privacy information management means;
- How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
- Key areas of investment for a business-focused PIMS; and
- How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
This guide will prove useful at a number of stages in any privacy information management project, including:
- At the decision-making stage, to ensure that those committing to a privacy information management project do so from an informed position;
- At project initiation, as an introduction to privacy information management for the project board, project team members and those on the periphery of the project; and
- As part of an ongoing awareness campaign, being made available to all staff and to new starters as part of their introduction to the company.
A word of warning: this is not an implementation or ‘How to’ guide.
Implementing an ISO/IEC 27701-compliant PIMS requires more advice than can be covered in a pocket guide. A project of this nature is, in most cases, likely to equate to a significant business-change project, and will require all the project governance arrangements that suit such an