CHAPTER 5: PRIVACY INFORMATION MANAGEMENT CONTROLS

Having now gained an appreciation of the methodical approach to the selection of privacy information management controls and other ways of addressing risks, it is time to examine the controls defined in ISO/IEC 27701.

There are 31 controls in Annex A and 18 controls in Annex B of the International Standard, each annex split into the same four categories:

1. Conditions for collection and processing.

2. Obligations to PII principals.

3. Privacy by design and by default.

4. PII sharing, transfer and disclosure.

These are of course in addition to the controls included in Annex A of ISO/IEC 27001. These four categories are not themselves significant and they could easily be formed differently.

The Standard itself ...

Get ISO/IEC 27701:2019: An introduction to privacy information management now with the O’Reilly learning platform.
