IT-säkerhet

This document specifies requirements for establishing, implementing, maintaining and continually improving a privacy information management system (PIMS). Guidance is provided to assist in the implementation of the controls in this document. This document is intended for PII controllers and PII processors holding responsibility and accountability for PII processing. This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations.