ISO/IEC 27701:2019: An introduction to privacy information management
About this ebook
ISO/IEC 27701:2019 is a privacy extension to the international information security management standard, ISO/IEC 27001. It has been designed to integrate with ISO 27001 to extend an existing ISMS (information security management system) with additional requirements, enabling an organisation to establish, implement, maintain and continually improve its PIMS (privacy information management system).
ISO 27701 provides guidance on the protection of privacy, including how organisations should manage personal information, and helps demonstrate compliance with privacy regulations around the world, such as the GDPR (General Data Protection Regulation).
ISO/IEC 27701:2019: An introduction to privacy information management offers a concise introduction to the Standard, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved. It is intended for:
- Individuals looking for general information about privacy information management; and
- Organisations implementing, or considering improving, a PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
- What privacy information management means;
- How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
- Key areas of investment for a business-focused PIMS; and
- How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
Alan Shipman
Alan Shipman is the managing director of Group 5 Training Limited. He was the project editor for ISO/IEC 27701:2019 and is also the chair of IST/33/5, which is responsible for the UK's contributions to the work of ISO/IEC JTC1/SC27/WG5, which deals with identity management and privacy technologies. Alan has over 30 years’ experience of managing personal information, both as a data processor for a service organisation and as a data controller. He is a regular speaker at conferences, covering all aspects of information management. Alan has been involved in the development of BS 10008 throughout its life (first published as guidance in 1996), which deals with the management of electronic information of all types, including the conversion of paper-based information to electronic forms. His experience includes advising organisations in both the public and private sectors on the implementation of BS 10008.
Book preview
ISO/IEC 27701:2019 - Alan Shipman
INTRODUCTION
This pocket guide is a companion to An Introduction to Information Security and ISO 27001:2013: A Pocket Guide, written by Steve Watkins. One of the major requirements for the management of personal information is that the information is processed in a secure manner. Hence, information security is one of the major elements that needs consideration when developing or improving a privacy information management system (PIMS).
This pocket guide provides a concise introduction to such considerations, aiding those organisations looking to improve their privacy information management regime, particularly where ISO/IEC 27701:2019 is involved.
This pocket guide is intended for:
• Individuals looking for general information about a PIMS; and
• Organisations implementing, or considering improving, their PIMS, particularly where the use of ISO/IEC 27701:2019 is being considered.
It will enable you to understand the basics of privacy information management, including:
• What privacy information management means;
• How to manage privacy information successfully using a PIMS aligned to ISO/IEC 27701;
• Key areas of investment for a business-focused PIMS; and
• How your organisation can demonstrate the degree of assurance it offers with regard to privacy information management.
This guide will prove useful at a number of stages in any privacy information management project, including:
• At the decision-making stage, to ensure that those committing to a privacy information management project do so from an informed position;
• At project initiation, as an introduction to privacy information management for the project board, project team members and those on the periphery of the project; and
• As part of an ongoing awareness campaign, being made available to all staff and to new starters as part of their introduction to the company.
A word of warning: this is not an implementation or ‘How to’ guide.
Implementing an ISO/IEC 27701-compliant PIMS requires more advice than can be covered in a pocket guide. A project of this nature is, in most cases, likely to equate to a significant business-change project, and will require all the project governance arrangements that suit such an