DIN Standards Committee Information Technology and IT Applications
Information security, cybersecurity and privacy protection - Controls, requirements, and guidance for personally identifiable information protection (ISO/IEC FDIS 29151:2025)
Abstract
This document specifies controls, purpose, and guidance for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII). In particular, this document specifies requirements and guidance based on ISO/IEC 27002, taking into consideration the controls for processing PII that can be applicable within the context of an organization's information security risk environment(s). This document is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII, in particular, organizations that do not establish or operate a privacy information management system.
Begin
2024-05-09
WI
JT013080
Planned document number
FprEN ISO/IEC 29151
Responsible national committee
NA 043-04-13 GA - DIN/DKE Joint working committee Cybersecurity
Responsible european committee
CEN/CLC/JTC 13 - Cybersecurity and Data Protection
draft standard
Information security, cybersecurity and privacy protection - Controls, requirements, and guidance for personally identifiable information protection (ISO/IEC FDIS 29151:2025)
2025-11
Order from DIN Media
