Search

This document specifies the requirements for creating sector-specific standards that extend ISO/IEC 27001, and complement or amend ISO/IEC 27002 to support a specific sector (domain, application area or market). This document...

This document defines the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 series evaluation, using the criteria and evaluation evidence defined in the ISO/IEC 15408 series.

This document defines the required structure and content of security functional components for the purpose of security evaluation. It includes a catalogue of functional components that meets the common security functionality...

This document defines the assurance requirements of the ISO/IEC 15408 series. It includes the individual assurance components from which the evaluation assurance levels and other packages contained in ISO/IEC 15408-5 are...

This document surveys and summarizes the existing hardware monitoring methods, including research efforts and industrial applications. The explored monitoring technologies are classified by applied area, carrier type, target...

This document provides a standardized framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities. This document does not specify how to evaluate, adopt, or maintain evaluation...

This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to: a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa; b)...

The scope of this Recommendation | International Standard is to provide guidelines supporting the implementation of information security controls in telecommunications organizations. The adoption of this Recommendation |...

SCOPE: CSA ISO/IEC 27001:24 This document specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This...

This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is meant to be used as the...

This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders. EXAMPLE Examples of provided packages include the...

This document specifies patch management (PAM) security assurance requirements and is intended to be used as an extension of the ISO/IEC 15408 series and ISO/IEC 18045. The security assurance requirements specified in this...