IDtrust Member Section Members,
I am happy to announce that a new ISO international standard, ISO/IEC 27561:2024 - Privacy operationalisation model and method for engineering (POMME) has been published. It is based on the OASIS Privacy Management Reference Model and Methodology (PMRM) v1.0-cs02 and provides a structured methodology to operationalize both privacy and security control requirements in networked, interdependent applications and systems and throughout application development lifecycles.
PMRM TC members John Sabo, Michele Drgon, Gershon Janssen, and Gail Magnuson contributed to the development and publication of the new standard as liaison members to ISO/IEC JTC1/SC27/WG5 for the past three+ years. Because the ISO POMME and the PMRM are so closely aligned, we have an opportunity to renew focus and activity in the PMRM TC and OASIS - particularly projects that will leverage interest in privacy engineering and lead to valuable TC initiatives and deliverables. We plan to schedule a PMRM TC meeting on May 22 to discuss the ISO standard, its relationship to the PMRM specification, and a possible work plan.
Links to the PMRM and POMME are included below.
A PMRM TC meeting announcement will be sent to the TC list shortly. In the meantime, we welcome other OASIS members to register as PMRM TC members to participate in the May 22 meeting and contribute to the meeting discussion. We look forward to your participation.
Best regards,
John Sabo
Chair, PMRM TC
OASIS PMRM
http://docs.oasis-open.org/pmrm/PMRM/v1.0/cs02/PMRM-v1.0-cs02.htmlISO/IEC 27561:2024
https://www.iso.org/obp/ui/en/#iso:std:iso-iec:27561:ed-1:v1:en