Publicly available ISO standards: security & privacy related

It is good to know that some ISO standards related to security and privacy are freely available (Reference: Publicly Available Standards). For example, ISO 27000 and ISO 29100 are freely available.

Security Management

  • ISO 27000 Information security management systems – Overview and vocabulary

ISO27000-2014

  • ISO 21827 Information technology – Security techniques – Systems Security Engineering – Capability Maturity Model® (SSE-CMM®)

ISO21827

Trusted Platform Module

  • 11889-1 Information technology – Trusted Platform Module – Part 1: Overview

ISO11889-TPM

Part 2: Design principles
Part 3: Structures
Part 4: Commands

Near Field Communication

  • ISO 18092 Interface and Protocol (NFCIP-1)
  • ISO 13157-1 NFC Security – Part 1: NFC-SEC NFCIP-1 security services and protocol

Business etc

  • 14662 Information technology – Open-edi reference model

ISO14662

  • 15944 Information technology — Business Operational View

Part 1: Operational aspects of Open-edi for implementation

ISO15944-1

Part 4: Business transaction scenarios – Accounting and economic ontology

ISO15944-4

Part 6: Technical introduction to e-Business modelling

ISO15944-6

Part 8: Identification of privacy protection requirements as external constraints on business transactions

ISO15944-8

  • ISO 27036-1 Information security for supplier relationships – Part 1: Overview and concepts

ISO27036-1

  • ISO/TR 24714-1 Biometrics – Jurisdictional and societal considerations for commercial applications – Part 1: General guidance

Privacy & Identity

  • ISO 29100 Privacy framework

ISO29100

  • ISO 24760-1 A framework for identity management – Part 1: Terminology and concepts

ISO24760-1

Common Criteria

  • 15408-1 Evaluation criteria for IT security — Part 1: Introduction and general model

ISO15408-1

  • ISO 18045 Methodology for IT security evaluation

ISO18045

  • ISO TR 15446 Guide for the production of Protection Profiles and Security Targets

Other

  • ISO 19464 Advanced Message Queuing Protocol (AMQP) v1.0 specification
  • ISO 18180 Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2

ISO18180

  • ISO 2382-37 Information technology – Vocabulary – Part 37: Biometrics
  • ISO/TR 24772 Information technology – Programming languages – Guidance to avoiding vulnerabilities in programming languages through language selection and use