< Previous standard ^ Up a level ^ Next standard >
ISO/IEC TS 27564 — Privacy protection — Guidance on the use of models for privacy engineering [DRAFT]
Abstract
“[ISO/IEC TS 27564] provides guidance on how to use modelling in privacy engineering. It describes categories of models that can be used, the use of modelling to support engineering, and the relationships with other references and standards for privacy engineering and for modelling. It provides high-level use cases describing how models are used.” [Source: ISO.org page]
Introduction
Modelling and other systems engineering approaches are useful when designing complex systems, such as IT systems plus their associated operating environments and processes. This standard will focus on using modelling and engineering to design suitable privacy arrangements into complex systems.
Scope of the standard
Guidance on applying the Model-Based Systems and Software Engineering approach (as per ISO/IEC/IEEE 24641:2023 - Systems and Software engineering - Methods and tools for model-based systems and software engineering) to design appropriate privacy controls in to complex systems using conceptual models.
Content of the standard
[TBA]
Status
The standard development project made a slow start back in 2021.
The Preliminary Work Item study generated a specification and draft Technical Specification, building on the MBSSE standard published in 2023.
SC 27 agreed to develop a Technical Specification in 2024. Publication is due in 2026.
Personal comments
This standard will explain the use of others such as ISO/IEC/IEEE 24641, ISO/IEC 27555 (models for deletion of personal information), ISO/IEC 27556 (models for managing privacy preferences), ISO/IEC 27559 (models for de-identification) and ISO/IEC 27561 (POMME), for privacy engineering.
< Previous standard ^ Up a level ^ Next standard >
|