Draft
International Standard
ISO/IEC DIS 29151
Information security, cybersecurity and privacy protection – Controls and guidance for personally identifiable information protection
Reference number
ISO/IEC DIS 29151
Edition 2
© ISO 2025
Draft International Standard
Read sample
Under development
This Draft International Standard is in the enquiry phase with ISO members.
Will replace ISO/IEC 29151:2017

ISO/IEC DIS 29151

Language
Format
CHF 65
Convert Swiss francs (CHF) to your currency

Abstract

This Recommendation | International Standard establishes controls, purpose, and guidance for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII).

In particular, this Recommendation | International Standard specifies guidance based on ISO/IEC 27002, taking into consideration the controls for processing PII that may be applicable within the context of an organization's information security risk environment(s).

This Recommendation | International Standard is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII, in particular, organizations that do not establish or operate a privacy information management system.

General information

  • Status
     : Under development
    Stage
    : Close of voting [40.60]
  • Edition
     : 2
    Number of pages
     : 46
  • Technical Committee :
    ISO/IEC JTC 1/SC 27
    ICS :
    35.030 
  • RSS updates

Life cycle

Got a question?

Check out our Help and Support

  2. Store
  3. Store
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC DIS 29151