ISO/IEC DIS 27561

Information security, cybersecurity and privacy protection — Privacy operationalisation model and method for engineering (POMME)

ISO/IEC DIS 27561

Name:ISO/IEC DIS 27561   Standard name:Information security, cybersecurity and privacy protection — Privacy operationalisation model and method for engineering (POMME)
Standard number:ISO/IEC DIS 27561   language:English language
Release Date:25-Mar-2024   technical committee:ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection
Drafting committee:ISO/IEC JTC 1/SC 27 - Information security, cybersecurity and privacy protection   ICS number:35.030 - IT Security
International
Standard
ISO/IEC 27561
First edition
Information security, cybersecurity
2024-03
and privacy protection — Privacy
operationalisation model and
method for engineering (POMME)
Sécurité de l’information, cybersécurité et protection de la
vie privée — Méthode et modèle d'opérationnalisation de la
confidentialité pour l'ingénierie (POMME)
Reference number
ISO/IEC 27561:2024(en) © ISO/IEC 2024

---------------------- Page: 1 ----------------------
ISO/IEC 27561:2024(en)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2024
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: [email protected]
Website: www.iso.org
Published in Switzerland

© ISO/IEC 2024 – All rights reserved
ii

---------------------- Page: 2 ----------------------
ISO/IEC 27561:2024(en)
Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Symbols and abbreviated terms. 7
5 Context of privacy operationalization . 7
5.1 General .7
5.2 Privacy engineering viewpoint.7
5.3 Privacy engineering operationalization model .8
5.4 Privacy engineering operationalization method .8
5.5 POMME processes overview .8
5.6 Privacy and security .9
6 Initial information inventory process . 10
6.1 Purpose .10
6.2 Outcomes .10
6.3 Define and describe the TOA .10
6.4 Participant and information source identification .
...

  • Relates Information
  • ISO 8130-9:1992

    ISO 8130-9:1992 - Coating powders
    09-28
  • EN 352-2:2020/FprA1

    EN 352-2:2021/oprA1:2023
    09-28
  • IEC TS 61158-4:1999

    IEC TS 61158-4:1999 - Digital data communications for measurement and control - Fieldbus for use in industrial control systems - Part 4: Data Link protocol specification Released:3/24/1999 Isbn:2831847656
    09-28
  • HD 566 S1:1990

    HD 566 S1:1998
    09-28
  • ISO 5131:1982/Amd 1:1992

    ISO 5131:1982/Amd 1:1992
    09-28
  • EN 60598-2-22:1990

    EN 60598-2-22:1996
    09-27
  • ISO 8504-2:1992

    ISO 8504-2:1992 - Preparation of steel substrates before application of paints and related products -- Surface preparation methods
    09-27
  • EN 12165:2024

    prEN 12165:2022
    09-27
  • IEC TS 61158-6:1999

    IEC TS 61158-6:1999 - Digital data communications for measurement and control - Fieldbus for use in industrial control systems - Part 6: Application Layer protocol specification Released:3/24/1999 Isbn:2831847613
    09-27
  • ISO 4252:1992

    ISO 4252:1992 - Agricultural tractors -- Operator's workplace, access and exit -- Dimensions
    09-27