ISO/IEC 29134
From CS Wiki
- Information technology — Security techniques — Guidelines for privacy impact assessment
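- Standard for privacy impact assessment (PIA)
- Development group: ISO/IEC JTC 1/SC 27/WG 5
- Applicable to all organizations, including private companies, government agencies, and public institutions
Structure
- Preparation process
- Execution process
- Follow-up process
Table of contents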
- 1 Scope
- 2 Normative references
- 3 Terms and definitions
- 4 Abbreviated terms
- 5 Preparing the grounds for PIA
  - 5.1 Benefits of carrying out a PIA
  - 5.2 Objectives of PIA reporting
  - 5.3 Accountability to conduct a PIA
  - 5.4 Scale of a PIA
- 6 Guidance on the process for conducting a PIA
  - 6.1 General
  - 6.2 Determine whether a PIA is necessary (threshold analysis)
  - 6.3 Preparation of the PIA
  - 6.4 Perform the PIA
  - 6.5 Follow up the PIA
- 7 PIA report
  - 7.1 General
  - 7.2 Report structure
  - 7.3 Scope of PIA
  - 7.4 Privacy requirements
  - 7.5 Risk assessment
  - 7.6 Risk treatment plan
  - 7.7 Conclusion and decisions
  - 7.8 PIA public summary