Your cart is currently empty!
“ISO 20537:2025 Footwear – Identification of defects during visual inspection – Vocabulary” has been added to your cart. View cart
ISO 27557:2022
ISO 27557:2022 Information security, cybersecurity and privacy protection – Application of ISO 31000:2018 for organizational privacy risk management
CDN $233.00
Description
This document provides guidelines for organizational privacy risk management, extended from ISO 31000:2018.
This document provides guidance to organizations for integrating risks related to the processing of personally identifiable information (PII) as part of an organizational privacy risk management programme. It distinguishes between the impact that processing PII can have on an individual with consequences for organizations (e.g. reputational damage). It also provides guidance for incorporating the following into the overall organizational risk assessment:
-   organizational consequences of adverse privacy impacts on individuals; and
-   organizational consequences of privacy events that damage the organization (e.g. by harming its reputation) without causing any adverse privacy impacts to individuals.
This document assists in the implementation of a risk-based privacy program which can be integrated in the overall risk management of the organization.
This document is applicable to all types and sizes of organizations processing PII or developing products and services that can be used to process PII, including public and private companies, government entities, and non-profit organizations.
Edition
1
Published Date
2022-11-04
Status
PUBLISHED
Pages
19
Language
English
Format
Secure PDF
Secure – PDF details
- Save your file locally or view it via a web viewer
- Viewing permissions are restricted exclusively to the purchaser
- Device limits - 3
- Printing – Enabled only to print (1) copy
See more about our Environmental Commitment
Abstract
This document provides guidelines for organizational privacy risk management, extended from ISO 31000:2018.
This document provides guidance to organizations for integrating risks related to the processing of personally identifiable information (PII) as part of an organizational privacy risk management programme. It distinguishes between the impact that processing PII can have on an individual with consequences for organizations (e.g. reputational damage). It also provides guidance for incorporating the following into the overall organizational risk assessment:
-   organizational consequences of adverse privacy impacts on individuals; and
-   organizational consequences of privacy events that damage the organization (e.g. by harming its reputation) without causing any adverse privacy impacts to individuals.
This document assists in the implementation of a risk-based privacy program which can be integrated in the overall risk management of the organization.
This document is applicable to all types and sizes of organizations processing PII or developing products and services that can be used to process PII, including public and private companies, government entities, and non-profit organizations.
Previous Editions
Can’t find what you are looking for?
Please contact us at:
Related Documents
-
ISO 80000:2025 Quantities and units – Part 13: Information science and technology
CDN $203.00 Add to cart -
ISO 80000:2019 Quantities and units – Part 11: Characteristic numbers
CDN $312.00 Add to cart -
ISO 80004:2020 Nanotechnologies – Vocabulary – Part 8: Nanomanufacturing processes
CDN $76.00 Add to cart -
ISO 14416:2003 Information and documentation – Requirements for binding of books, periodicals, serials and other paper documents for archive and library use – Methods and materials
CDN $273.00 Add to cart
