The 'Personal information & Information Security Management System (ISMS-P)’ is an 'integrated certification system' that consolidated 'Personal Information Management System (PIMS) certification' and 'Information Security Management System (ISMS) certification' into one certification system, both of which were operated separately. ISMS-P has been enforced since November 7, 2018. Enterprises and institutions can expect to improve the external reliability of their personal information protection and security and reduce the risk of external and internal personal information infringements through the 'Personal information & Information Security Management System.'
Article 32-2 of the Personal Information Protection Act (Certification of Personal Information Protection)
|Classification||Integrated certification||Area (number of certification standards)|
|ISMS-P||ISMS||1. Establishing and operating management system (16)||
|2. Requirements for protection measures (64)||
|-||3. Requirements in each step of personal information processing (22)||