PM-20 - Dissemination of Privacy Program Information

Maintain a central resource webpage on the organization’s principal public website that serves as a central source of information about the organization’s privacy program and that: a. Ensures that the public has access to information about organizational privacy activities and can communicate with its senior agency official for privacy; b. Ensures that organizational privacy practices and reports are publicly available; and c. Employs publicly facing email addresses and/or phone lines to enable the public to provide feedback and/or direct questions to privacy offices regarding privacy practices.


Informational References

ISO 27001

ID: PM-20
Enhancements:  1

Countermeasures Covered by Control

ID Name Description D3FEND

Space Threats Tagged by Control

ID Description

Sample Requirements

Requirement

Related SPARTA Techniques and Sub-Techniques

ID Name Description