To protect personal data and comply with GDPR, you are studying and researching about privacy frameworks and principles. Which of the following is the best source?
A. ISO 27001
B. ISO 27002
C. ISO 27701
D. ISO 29100

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is D. ISO 29100.

• ISO/IEC 27001:2013
  Information technology — Security techniques — Information security management systems — Requirements
• ISO/IEC 27002:2013
  Information technology — Security techniques — Code of practice for information security controls
• ISO/IEC 27701:2019
  Security techniques — Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines
• ISO/IEC 29100:2011
  Information technology — Security techniques — Privacy framework

Reference

• InfoSec and Privacy ISO Standards
• ISO 27000 Series of Standards

A BLUEPRINT FOR YOUR SUCCESS IN CISSP

My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.

• It is available on Amazon.
• Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.

為了保護個人數據並遵守GDPR，您正在研究和研究隱私框架和原則。 以下哪個是最佳來源？
A. ISO 27001
B. ISO 27002
C. ISO 27701
D. ISO 29100