A Study on Information Security Management with Personal Data Protection

Abstract

In the process of standardization, whether the announcement of a standard represents a cause or an outcome, it is opportunity of the trend of standardization or achievement. The process of standardization is to understand "why" and "how" to explore the detailed outline of a time flow. From a long-term perspective, a standard is the milestone of the standardization process. On May 26th 2010, with the announcement of the Personal Data Protection Act in Taiwan, information security management (ISM) of the Personal Data Protection Act has received much attention from the public. This study is centered on the working items of standards announced by the International Organization for Standardization (ISO) and the ongoing information security management system (ISMS) standards and standardization in order to propose standards which comply with the ISMS of the Personal Data Protection Act and methods which increase implementation control measures.