The requirements for a systems/software engineering process for privacy-oriented considerations regarding products, services, and systems utilizing employee, customer, or other external user’s personal data are defined by this standard. Organizations and projects that are developing and deploying products, systems, processes, and applications that involve personal information are candidate users of the IEEE Std 7002™ standard. Specific procedures, diagrams, and checklists are provided for users of the IEEE Std 7002 standard to perform conformity assessments on their specific privacy practices. Privacy impact assessments (PIAs) are described as a tool for both identifying where privacy controls and measures are needed and for confirming they are in place. (The PDF of this standard is available in the IEEE GET Program at https://ieeexplore.ieee.org/browse/standards/get-program/page/series?id=93)

This standard defines requirements for a systems engineering process for privacy-oriented considerations regarding products, services, and systems utilizing employee, customer, or other external user’s personal data. It extends across the life cycle from policy through development, quality assurance, and value realization. It includes a use case and data model (including metadata). It applies to organizations and projects that are developing and deploying products, systems, processes, and applications that involve personal information. By providing specific procedures, diagrams, and checklists, this standard enables users to perform a conformity assessment on their specific privacy practices. Privacy impact assessments (PIAs) are described as a tool for identifying where privacy controls and measures are needed, and for confirming they are in place.

The purpose of this standard is to provide an overall methodological approach that specifies practices to manage privacy issues within the systems engineering life cycle processes.