Name:Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines
Introduction:This document is applicable to all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which are PII controllers and/or PII processors processing PII within an ISMS.
The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies Forundated references, the latest edition of the referenced document (including any amendments ) applies.
ISO/IEC 27000, Information technology Security techniques Information security management systems-Overview and vocabulary
ISO/IEC 27001: 2013, Information technology Security techniques-Information security management systems-Requirements
/IEC 27002: 2013, Information technology- Security techniques-Code of practice for information
ISO/IEC 29100, Information technology- Security techniques- Privacy framework