GSO ISO/IEC 27557:2024

ISO/IEC 27557:2022

Gulf Standard Current Edition · Approved on 14 October 2024

Information security, cybersecurity and privacy protection — Application of ISO 31000:2018 for organizational privacy risk management

GSO ISO/IEC 27557:2024 Files

No files for this standard are available in the store currently.

Obtaining this standard through the store is currently unavailable. You can acquire it directly from its source or from one of the member countries stores

Select our members store

Continue Shopping

GSO ISO/IEC 27557:2024 Scope

This document provides guidelines for organizational privacy risk management, extended from ISO 31000:2018.

This document provides guidance to organizations for integrating risks related to the processing of personally identifiable information (PII) as part of an organizational privacy risk management programme. It distinguishes between the impact that processing PII can have on an individual with consequences for organizations (e.g. reputational damage). It also provides guidance for incorporating the following into the overall organizational risk assessment:

— organizational consequences of adverse privacy impacts on individuals; and

— organizational consequences of privacy events that damage the organization (e.g. by harming its reputation) without causing any adverse privacy impacts to individuals.

This document assists in the implementation of a risk-based privacy program which can be integrated in the overall risk management of the organization.

This document is applicable to all types and sizes of organizations processing PII or developing products and services that can be used to process PII, including public and private companies, government entities, and non-profit organizations.

Best Sellers From Information Sector

GSO ISO/TR 18492:2017

ISO/TR 18492:2005

Gulf Standard

Long-term preservation of electronic document-based information

Quick View

More Details

GSO ISO/TS 23635:2024

ISO/TS 23635:2022

Gulf Standard

Blockchain and distributed ledger technologies — Guidelines for governance

Quick View

More Details

GSO ISO/IEC 15773:2013

ISO/IEC 15773:1998

Gulf Standard

Information technology -- Telecommunications and information exchange between systems -- Broadband Private Integrated Services Network -- Inter-exchange signalling protocol -- Transit counter additional network feature

Quick View

More Details

GSO ISO 11238:2017

ISO 11238:2012

Gulf Standard

Health informatics -- Identification of medicinal products -- Data elements and structures for the unique identification and exchange of regulated information on substances

Quick View

More Details

View All

Recently Published from Information Sector

GSO ISO/IEC 22123-1:2024

ISO/IEC 22123-1:2023

Gulf Standard

Information technology — Cloud computing — Part 1: Vocabulary

Quick View

More Details

GSO ISO/IEC 23859:2024

ISO/IEC 23859:2023

Gulf Standard

Information technology — User interfaces — Requirements and recommendations on making written text easy to read and understand

Quick View

More Details

GSO ISO/IEC 9075-15:2024

ISO/IEC 9075-15:2023

Gulf Standard

Information technology — Database languages SQL — Part 15: Multidimensional arrays (SQL/MDA)

Quick View

More Details

GSO ISO/IEC TS 5147:2024

ISO/IEC TS 5147:2023

Gulf Standard

Information technology — Computer graphics, image processing and environmental data representation — Guidelines for representation and visualization of smart cities

Quick View

More Details

View All