Specifies the requirements for establishing, implementing, maintaining and continually improving a privacy-specific information security management system. In other words, a management system for protecting personal data (PIMS). Source: Retrieved from ISO Requirements and guidelines, 2019, https://www.iso.org/news/ref2419.html