(c) 강령 위반 및 컨트롤러나 프로세서가 강령을 이행하였거나 이행하는 방식에 관한 민원을 처리하는 절차 및 구조를 수립하고, 그 절차와 구조를 정보주체와 일반에 투명하게 할 절차 및 구조를 수립한 경우
Source: http://www.pipc.go.kr/cmt/not/ntc/selectBoardArticle.do?nttId=5969&bbsId=BBSMSTR_000000000121&bbsTyCode=BBST03&bbsAttrbCode=BBSA03&authFlag=Y&pageIndex=6
ISO/IEC 27701, adopted in 2019, added a requirement additional to ISO/IEC 27001, section 4.1.
Here is the relevant paragraph to article 41 GDPR:
5.2.1 Understanding the organization and its context
The organization shall include among its interested parties (see ISO/IEC 27001:2013, 4.2), those parties having interests or responsibilities associated with the processing of PII, including the PII principals.
[…]
Sign in
to read the full text