Topic-specific policies
ISO/IEC 27561

Search this site

ISMS templates

< Previous standard      ^ Up a level ^      Next standard >

ISO/IEC 27561 — Information technology — Security techniques — Privacy operationalisation model and method for engineering (POMME) [DRAFT]



“This document describes a model and method to operationalize privacy principles into sets of controls and functional capabilities:
    • The method is described as a process following ISO/IEC/IEEE 24774;
    • It operationalizes ISO/IEC 29100;
    • It is intended for engineers and other practitioners developing systems controlling or processing PII;
    • It is designed for use with other standards and privacy guidance;
    • It supports networked, interdependent applications and systems.”
[Source: SC 27 Standing Document 11 (2021)]




Scope of the standard



Content of the standard






Personal notes

A contrived title with the neologism ‘operationalization’ doesn’t bode well as far as I’m concerned, but it’s early days yet.



< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2022 IsecT Ltd.