ISO/IEC 29134

From CS Wiki
Information technology — Security techniques — Guidelines for privacy impact assessment
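Privacy impact assessment standard
  • Development group: ISO/IEC JTC 1/SC 27/WG 5
  • Applicable to all kinds of enterprises, including private companies, government agencies and public institutions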

Structure

  • Preparation phase
  • Execution phase
  • Follow-up phase

Table of contents

  • 1 Scope
  • 2 Normative references
  • 3 Terms and definitions
  • 4 Abbreviated terms
  • 5 Preparing the grounds for PIA
    • 5.1 Benefits of carrying out a PIA
    • 5.2 Objectives of PIA reporting
    • 5.3 Accountability to conduct a PIA
    • 5.4 Scale of a PIA
  • 6 Guidance on the process for conducting a PIA
    • 6.1 General
    • 6.2 Determine whether a PIA is necessary (threshold analysis)
    • 6.3 Preparation of the PIA
    • 6.4 Perform the PIA
    • 6.5 Follow up the PIA
  • 7 PIA report
    • 7.1 General
    • 7.2 Report structure
    • 7.3 Scope of PIA
    • 7.4 Privacy requirements
    • 7.5 Risk assessment
    • 7.6 Risk treatment plan
    • 7.7 Conclusion and decisions
    • 7.8 PIA public summary