This document defines a privacy architecture framework that:
— specifies concerns for ICT systems that process PII;
— lists components for the implementation of such systems; and
— provides architectural views contextualizing these components.
This document is applicable to entities involved in specifying, procuring, architecting, designing, testing, maintaining, administering and operating ICT systems that process PII.
It focuses primarily on ICT systems that are designed to interact with PII principals.