IT-säkerhet
- +Ämnesområden
- +Informationsteknik, kontorsutrustning (11)
- Informationsteknik: allmänt (0)
- IT-säkerhet (4)
- +Kodning av information (0)
- Programspråk (0)
- Programutveckling och systemdokumentation (0)
- +Öppna system (OSI) (0)
- Nätarkitekturer (0)
- Datorgrafik (0)
- Mikroprocessorsystem (0)
- Terminalutrustning och övrig kringutrustning (0)
- Gränssnitt och anslutningsutrustning (0)
- Molnbaserade datortjänster (0)
- +Datalagringsmedier (0)
- +IT-tillämpningar (7)
- Kontorsutrustning (0)
This document provides the minimum requirements for the knowledge, skills and effectiveness requirements of individuals performing testing activities for a conformance scheme using ISO/IEC 19790 and ISO/IEC 24759.
The standard contains guidelines for developing and establishing policies and procedures for deletion of PII in organizations by specifying: — a harmonized terminology for PII deletion; — an approach for defining deletion rules in an efficient way; — a description of required documentation; and — a broad definition of roles, responsibilities and processes. This document is intended to be used by organizations where PII are stored or processed. This document does not address: — specific legal provision, as given by national law or specified in contracts; — specific deletion rules for particular clusters of PII as are to be defined by PII controllers for — processing PII; — deletion mechanisms; — reliability, security and suitability of deletion mechanisms; — specific techniques for de-identification of data.
This document provides the specialized requirements to demonstrate the competence of individuals in performing IT product security evaluations and certifications in accordance with the ISO/IEC 15408 series and ISO/IEC 18045.
ISO/IEC 29151:2017 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII). In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the requirements for processing PII that may be applicable within the context of an organization's information security risk environment(s). ISO/IEC 29151:2017 is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII.