{"id":1476,"date":"2014-05-26T15:50:56","date_gmt":"2014-05-26T12:50:56","guid":{"rendered":"http:\/\/saisa.eu\/blogs\/Guidance\/?p=1476"},"modified":"2014-05-26T15:56:36","modified_gmt":"2014-05-26T12:56:36","slug":"publicly-available-iso-standards-security-privacy-related","status":"publish","type":"post","link":"https:\/\/saisa.eu\/blogs\/Guidance\/?p=1476","title":{"rendered":"Publicly available ISO standards: security &#038; privacy related"},"content":{"rendered":"<p>It is good to know that some freely available ISO standards are related to security and privacy (Reference: <a href=\"http:\/\/standards.iso.org\/ittf\/PubliclyAvailableStandards\/index.html\">Publicly Available Standards<\/a>). For example, ISO 27000 and ISO 29100 are freely available.<\/p>\n<p><strong>Security Management<\/strong><\/p>\n<ul>\n<li>ISO 27000 Information security management systems &#8211; Overview and vocabulary<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso27000-2014-1.jpg\"><img loading=\"lazy\" alt=\"ISO27000-2014\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso27000-2014-1-small.jpg\" width=\"300\" height=\"233\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>ISO 21827 Information technology &#8211; Security techniques &#8211; Systems Security Engineering &#8211; Capability Maturity Model\u00ae (SSE-CMM\u00ae)<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso21827-1.png\"><img loading=\"lazy\" alt=\"ISO21827\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso21827-1-small.png\" width=\"300\" height=\"228\" \/><\/a><\/p>\n<\/blockquote>\n<p><strong>Trusted Platform Module<\/strong><\/p>\n<ul>\n<li>11889-1 Information technology &#8211; Trusted 
Platform Module &#8211; Part 1: Overview<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso11889-tpm-1.png\"><img loading=\"lazy\" alt=\"ISO11889-TPM\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso11889-tpm-1-small.png\" width=\"300\" height=\"240\" \/><\/a><\/p>\n<p>Part 2: Design principles<br \/>\nPart 3: Structures<br \/>\nPart 4: Commands<\/p>\n<\/blockquote>\n<p><strong>Near Field Communication<\/strong><\/p>\n<ul>\n<li>ISO 18092 Interface and Protocol (NFCIP-1)<\/li>\n<li>ISO 13157-1 NFC Security &#8211; Part 1: NFC-SEC NFCIP-1 security services and protocol<\/li>\n<li>&#8230;<\/li>\n<\/ul>\n<p><strong>Business etc<\/strong><\/p>\n<ul>\n<li>14662 Information technology &#8211; Open-edi reference model<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso14662-1.png\"><img loading=\"lazy\" alt=\"ISO14662\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso14662-1-small.png\" width=\"300\" height=\"258\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>15944 Information technology \u2014 Business Operational View<\/li>\n<\/ul>\n<blockquote>\n<p>Part 1: Operational aspects of Open-edi for implementation<\/p>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-1-1.png\"><img loading=\"lazy\" alt=\"ISO15944-1\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-1-1-small.png\" width=\"300\" height=\"238\" \/><\/a><\/p>\n<p>Part 4: Business transaction scenarios &#8211; Accounting and economic ontology<\/p>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-4-1.png\"><img loading=\"lazy\" alt=\"ISO15944-4\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-4-1-small.png\" width=\"300\" height=\"244\" \/><\/a><\/p>\n<p>Part 6: Technical introduction to 
e-Business modelling<\/p>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-6-1.png\"><img loading=\"lazy\" alt=\"ISO15944-6\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-6-1-small.png\" width=\"300\" height=\"172\" \/><\/a><\/p>\n<p>Part 8: Identification of privacy protection requirements as external constraints on business transactions<\/p>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-8-1.png\"><img loading=\"lazy\" alt=\"ISO15944-8\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15944-8-1-small.png\" width=\"300\" height=\"322\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>ISO 27036-1 Information security for supplier relationships &#8211; Part 1: Overview and concepts<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso27036-1-1.png\"><img loading=\"lazy\" alt=\"ISO27036-1\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso27036-1-1-small.png\" width=\"300\" height=\"178\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>ISO\/TR 24714-1 Biometrics &#8211; Jurisdictional and societal considerations for commercial applications &#8211; Part 1: General guidance<\/li>\n<\/ul>\n<p><strong>Privacy &amp; Identity<\/strong><\/p>\n<ul>\n<li>ISO 29100 Privacy framework<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso29100-1.png\"><img loading=\"lazy\" alt=\"ISO29100\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso29100-1-small.png\" width=\"300\" height=\"154\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>ISO 24760-1 A framework for identity management &#8211; Part 1: Terminology and concepts<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso24760-1-1.png\"><img loading=\"lazy\" alt=\"ISO24760-1\" 
src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso24760-1-1-small.png\" width=\"300\" height=\"218\" \/><\/a><\/p>\n<\/blockquote>\n<p><strong>Common Criteria<\/strong><\/p>\n<ul>\n<li>15408-1 Evaluation criteria for IT security \u2014 Part 1: Introduction and general model<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15408-1-1.png\"><img loading=\"lazy\" alt=\"ISO15408-1\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso15408-1-1-small.png\" width=\"300\" height=\"265\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>ISO 18045 Methodology for IT security evaluation<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso18045-1.png\"><img loading=\"lazy\" alt=\"ISO18045\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso18045-1-small.png\" width=\"300\" height=\"221\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>ISO TR 15446 Guide for the production of Protection Profiles and Security Targets<\/li>\n<\/ul>\n<p><strong>Other<\/strong><\/p>\n<ul>\n<li>ISO 19464 Advanced Message Queuing Protocol (AMQP) v1.0 specification<\/li>\n<li>ISO 18180 Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2<\/li>\n<\/ul>\n<blockquote>\n<p><a href=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso18180-1.png\"><img loading=\"lazy\" alt=\"ISO18180\" src=\"http:\/\/saisa.eu\/blogs\/Guidance\/wp-content\/uploads\/2014\/05\/iso18180-1-small.png\" width=\"300\" height=\"114\" \/><\/a><\/p>\n<\/blockquote>\n<ul>\n<li>ISO 2382-37 Information technology &#8211; Vocabulary &#8211; Part 37: Biometrics<\/li>\n<li>ISO\/TR 24772 Information technology &#8211; Programming languages &#8211; Guidance to avoiding vulnerabilities in programming languages through language selection and 
use<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>It is good to know that some freely available ISO standards are related to security and privacy (Reference: Publicly Available Standards). For example ISO 27000 and ISO 29100 are freely available. Security Management ISO 27000 Information security management systems &#8211; &hellip; <a href=\"https:\/\/saisa.eu\/blogs\/Guidance\/?p=1476\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[32,26,41,44],"tags":[],"_links":{"self":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/1476"}],"collection":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1476"}],"version-history":[{"count":1,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/1476\/revisions"}],"predecessor-version":[{"id":1505,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=\/wp\/v2\/posts\/1476\/revisions\/1505"}],"wp:attachment":[{"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1476"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1476"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/saisa.eu\/blogs\/Guidance\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1476"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}