Achieve Korea Personal Information and Information Security Management System Compliance
Thales offers integrated solutions that enable organizations to address the ISMS-P in Korea.
In November 2018, the Korean Ministry of Science and ICT (MSIT), Korea Communications Commission, and Ministry of the Interior and Safety merged the Information Security Management System (ISMS) and the Korea-Personal Information Management System (PIMS) into a new certification system – Personal Information and Information Security Management System (ISMS-P).
The goal of integrating these two systems is to:
With extensive experience helping organizations comply with compliance mandates, Thales offers integrated solutions that enable your organizations to address the Personal Information and Information Security Management System (ISMS-P).
The Korean Personal Information and Information Security Management System (ISMS-P) is an information security and personal information management standard created by the Korea Internet & Security Agency (KISA). Compliance with this standard is mandated by the Personal Information Protection Act and “Act on Promotion of Information and Communications Network Utilization and Information Protection” as it is designed to help organizations in Korea protect their information assets.
Instead of 104 K-ISMS controls and 82 K-PIMS controls, ISMS-P – the new consolidated certification has 80 controls related to information security and 22 controls related to the protection of personal information.
80 controls related to information security
22 controls related to the protection of personal information
Thales enables organizations in Korea to address the requirements of The Korean Personal Information and Information Security Management System (ISMS-P).
Luna HSMs provide a hardened, tamper-resistant environment for secure cryptographic processing, key generation and protection, encryption, and more. Available in three FIPS 140-2 certified form factors, Luna HSMs support a variety of deployment scenarios.
CipherTrust Manager enables you to centrally manage keys for all CipherTrust Data Security Platform products, and securely store and inventory keys and certificates for third-party devices—including IBM Security Guardium Data Encryption, Microsoft SQL TDE, Oracle TDE, and KMIP-compliant encryption products.
CipherTrust Tokenization offers application-level tokenization services in two convenient solutions that deliver complete customer flexibility
With extensive experience helping organizations comply with compliance mandates, Thales offers integrated solutions that enable your organizations to address the Personal Information and Information Security Management System (ISMS-P).
This ebook shows how Thales data security solutions enable you to meet global compliance and data privacy requirements including - GDPR, Schrems II, PCI-DSS and data breach notification laws.
Traditionally organizations have focused IT security primarily on perimeter defense, building walls to block external threats from entering the network. However, with today’s proliferation of data, evolving global and regional privacy regulations, growth of cloud adoption, and...
Perhaps the most comprehensive data privacy standard to date, GDPR affects any organization that processes the personal data of EU citizens - regardless of where the organization is headquartered.
Any organization that plays a role in processing credit and debit card payments must comply with the strict PCI DSS compliance requirements for the processing, storage and transmission of account data.
Data breach notification requirements following loss of personal information have been enacted by nations around the globe. They vary by jurisdiction but almost universally include a “safe harbor” clause.