Appendix J is based on which principle set?

Appendix J is based on the Fair Information Practice Principles from the Privacy Act of 1974. These principles describe how government agencies should handle personal data: provide notice about collection and use, limit data collection and use to stated purposes, ensure data quality, give individuals access to and the ability to correct their information, protect information with appropriate security safeguards, be open about privacy practices, and hold agencies accountable for complying with these rules. Because Appendix J focuses on safeguarding personal information in federal systems, the FIPPs are the appropriate foundation. The other choices don’t fit this specific US privacy framework: ISO 27001 is an information security management standard, FIPS are general federal standards, and GDPR is a European privacy regulation.