Personal data protection requirements for processing operations

This document specifies baseline requirements for demonstrating processing activities compliance with the European personal data protection normative framework in accordance with EN ISO/IEC 17065. It does not however apply to products or management systems destined for processing personal data.
This document is applicable to all organizations which, as personal data controllers and/or processors, process personal data, and its objective is to provide a set of requirements enabling such organizations to conform effectively with the European personal data protection normative framework.
An organization can decide that the standard is applicable only to a specific subset of its processing activities if such a decision does not involve failure to conform with the European personal data protection normative framework.
This document also provides indications for conformity assessment with the aforementioned requirements.

Requirements for the protection of personal data in processing operations

General Information

Status: Not Published
Publication Date: 28-Sep-2023
Current Stage: 4599 - Dispatch of FV draft to CMC - Finalization for Vote
Start Date: 20-Dec-2022
Due Date: 31-Jan-2022
Completion Date: 20-Dec-2022

Buy Standard

Draft prEN 17799:2022, English language, 26 pages

Standards Content (Sample)

SLOVENIAN STANDARD
oSIST prEN 17799:2022
1 February 2022
Personal data protection requirements for processing operations
This Slovenian standard is identical to: prEN 17799
ICS:
03.160 Law. Administration
35.020 Information technology (IT) in general
oSIST prEN 17799:2022 en,fr,de

2003-01. Slovenian Institute for Standardization. Reproduction of the whole or of parts of this standard is not permitted.

EUROPEAN STANDARD DRAFT prEN 17799
December 2021
ICS 03.120.20; 03.160
English version
Personal data protection requirements for processing operations

This draft European Standard is submitted to CEN members for enquiry. It has been drawn up by the Technical Committee CEN/CLC/JTC 13.

If this draft becomes a European Standard, CEN and CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.

This draft European Standard was established by CEN and CENELEC in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN and CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the same status as the official versions.

CEN and CENELEC members are the national standards bodies and national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom.

Recipients of this draft are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to provide supporting documentation.

Warning: This document is not a European Standard. It is distributed for review and comments. It is subject to change without notice and shall not be referred to as a European Standard.

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels

© 2021 CEN/CENELEC All rights of exploitation in any form and by any means reserved worldwide for CEN national Members and for CENELEC Members.
Ref. No. prEN 17799:2021 E
prEN 17799:2021 (E)
Contents (page numbers refer to the prEN 17799:2021 document)

European foreword ... 4
Introduction ... 5
1 Scope ... 6
2 Normative references ... 6
3 Terms and definitions ... 6
4 Overview ... 8
5 Planning ... 8
5.1 General ... 8
5.2 Understanding the needs and expectations of interested parties ... 8
5.3 Scope of personal data processing activities ... 9
5.3.1 General ... 9
5.3.2 Records of data processing activities ... 9
5.3.3 Identification of the legal basis ... 9
5.3.4 Data minimization ... 10
5.3.5 Storage of data ... 10
5.4 Policy for personal data protection ... 11
5.5 Roles and responsibilities ... 11
5.5.1 General ... 11
5.5.2 Internal roles ... 12
5.5.3 External roles ... 13
5.6 Risk management ... 13
5.6.1 General ... 13
5.6.2 Data protection risk assessment and impact analysis ... 13
5.6.3 Evaluation of the impact on data protection ... 15
5.6.4 Risk treatment and treatment plan ... 15
5.7 Personal data protection by design and by default ... 15
6 Operational activities ... 16
6.1 General ... 16
6.2 Data protection notices and consent ... 16
6.2.1 Data protection notices ... 16
6.2.2 Consent ... 16
6.3 Update of roles ... 17
6.4 Personal data protection ... 17
6.4.1 Erasure of data ... 17
6.4.2 Implementation and maintenance of security measures ... 17
6.4.3 Management of personal data breaches ... 18
6.5 Data subjects’ requests for the application of their rights ... 19
6.5.1 General ... 19
6.5.2 Data access ... 19
6.5.3 Correction ... 19
6.5.4 Erasure ... 20
6.5.5 Restriction of processing ... 20
6.5.6 Data portability ... 20
6.5.7 Objections ... 20
6.5.8 Automated decisions, including profiling ... 21
6.5.9 Complaints and appeals ... 21
6.6 Training and awareness ... 21
7 Control ... 21
7.1 General ... 21
7.2 Internal audits ... 21
7.3 Periodical report ... 22
7.4 Nonconformities and corrective actions ... 23
Annex A (informative) Controllers and processors requirements mapping ... 24
Bibliography ... 26

European foreword

This document (prEN 17799:2021) has been prepared by Technical Committee CEN/CLC/JTC 13 “Cybersecurity and Data Protection”, the secretariat of which is held by DIN.

This document is currently submitted to the CEN Enquiry.
Introduction

Personal data protection is regulated throughout Europe according to laws, the most important of which is the European Regulation 2016/679 (hereafter referred to as “Regulation”). This regulates the protection of natural persons with regard to the processing of personal data but does not contextualise it in a set of consequential or related activities, and it refers specifically to mechanisms for the certification of personal data protection for demonstrating compliance with the Regulation.

ISO/IEC 27701 is undergoing the process for adoption as an EN, and CEN/CLC JTC 13 is undertaking a new work item on “enhancing ISO/IEC 27701 for the EU context”. Those efforts will also provide a solid basis for GDPR conformance and alignment of the European data protection landscape with global norms. The focus of those standards is however fundamentally different, since they are aimed at a management system and not at services and processes, as the present document is.
1 Scope

This document specifies baseline requirements for demonstrating processing activities compliance with the European personal data protection normative framework in accordance with EN ISO/IEC 17065. It does not however apply to products or management systems destined for processing personal data.

This document is applicable to all organizations which, as personal data controllers and/or processors, process personal data, and its objective is to provide a set of requirements enabling such organizations to conform effectively with the European personal data protection normative framework.

An organization can decide that the standard is applicable only to a specific subset of its processing activities if such a decision does not involve failure to conform with the European personal data protection normative framework.

This document also provides indications for conformity assessment with the aforementioned requirements.

2 Normative references

The following documents are referred to in the text in such a way that some or all of their content constitutes requirements of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.

ISO/IEC 27000, Information technology - Security techniques - Information security management systems - Overview and vocabulary

3 Terms and definitions

For the purposes of this document, the terms and definitions given in ISO/IEC 27000 and the following apply.

ISO and IEC maintain terminological databases for use in standardization at the following addresses:

— IEC Electropedia: available at https://www.electropedia.org/
— ISO Online browsing platform: available at https://www.iso.org/obp

3.1
supervisory authority
independent public authority which is established by a Member State pursuant to Article 51
[SOURCE: European Regulation 2016/679]

3.2
supervisory authority concerned
supervisory authority which is concerned by the processing of personal data because: (a) the controller or processor is established on the territory of the Member State of that supervisory authority; (b) data subjects residing in the Member State of that supervisory authority are substantially affected or likely to be substantially affected by the processing; or (c) a complaint has been lodged with that supervisory authority
[SOURCE: European Regulation 2016/679]
3.3
consent
consent of the data subject
any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
[SOURCE: European Regulation 2016/679]

3.4
personal data
any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
[SOURCE: European Regulation 2016/679]

3.5
profiling
any form of automated processing of personal data used to evaluate certain aspects relating to a natural person, in particular to analyse or to predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements
[SOURCE: European Regulation 2016/679]

3.6
processor
natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
[SOURCE: European Regulation 2016/679]

3.7
processing
any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
[SOURCE: European Regulation 2016/679]

3.8
controller
natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law
[SOURCE: European Regulation 2016/679]
3.9
third party
the natural or legal person, public authority, agency or other body other than a data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data
[SOURCE: European Regulation 2016/679]

3.10
impact
data protection impact
anything that has an effect on the protection of a data subject and/or group of data subjects
[SOURCE: ISO/IEC 27557]

3.11
consequence
outcome of an event affecting organizational objectives
[SOURCE: ISO/IEC 27557]

4 Overview

This document specifies baseline requirements for the processing of personal data so that an organization, whether controller or processor, is able to attain compliance with the European and applicable national personal data protection normative framework. The separation between controller and processor activities is based on the requirements within the aforementioned normative framework, but processors might be delegated more activities by the related controllers, therefore transferring the applicability of the related additional requirements set forth in this document to them.

The present document is completed by Annex A, which contains the indications for conformity assessment to the requirements of the document.
5 Planning

5.1 General

This clause sets out the activities which a controller or processor shall perform in order to carry out the protection of personal data in a systematic and organized way within processing activities. They shall be implemented periodically or after relevant changes, such as modifications to the law or to the corporate organization, or structural changes in information technology or its characteristics.

5.2 Understanding the needs and expectations of interested parties

The controller or processor shall determine:

a) all interested parties involved in personal data processing activities, including data subjects, processors and controllers; and

b) the requirements of such interested parties related to personal data processing activities, the mandatory requirements of the normative reference framework and of national laws, and the contractual obligations.
5.3 Scope of personal data processing activities

5.3.1 General

The controller shall determine the limits and applicability of the personal data processing, documenting: records of data processing activities, their legal basis, the locations, the organizational structure (including all interested parties identified in 5.1), the information systems and the main supporting assets involved.

5.3.2 Records of data processing activities

The controller or processor shall identify the personal data and their flow related to each processing and shall keep them updated in personal data processing activity records. In particular, the controller or processor shall establish and maintain up-to-date records of data processing activities identifying:

1) the controller of the processing;
2) the processes which use personal data;
3) the sources of processed personal data;
4) the processed personal data and related categories;
5) the purposes of the use of the personal data;
6) the recipients of personal data, including third parties;
7) the role of the organization in the processing (controller, processor or joint controller);
8) the information systems involved in the archiving of personal data;
9) any transfers of personal data to third parties, international organizations or other countries;
10) the storage period of personal data or the criteria used for determining such period, and the measures taken at the end of the period;
11) the locations where processing takes place.

NOTE This is in line with Article 30 of the Regulation.
5.3.3 Identification of the legal basis

The controller shall define the legal basis for the processing of personal data and communicate it to the data subjects. The controller shall document the legal basis.

NOTE The legal bases contained in Article 6 of the Regulation are as follows:

— the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
— processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
— processing is necessary for compliance with a legal obligation to which the controller is subject;
— processing is necessary for protecting the vital interests of the data subject or of another natural person;
— processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
— processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

When special categories of personal data are processed, the controller shall identify, define, communicate and document the legal basis for the processing of personal data, which shall instead be chosen from amongst the following:

— the explicit consent of the data subject for specific purposes;
— processing is necessary for compliance with labour laws;
— processing is necessary for the protection of the vital interests of data subjects;
— processing is necessary for the legitimate activities of a foundation, association or other not-for-profit body for political, philosophical, religious or trade union purposes, with appropriate safeguards;
— it is information intentionally made public by data subjects;
— processing is necessary for the creation, performance or defence of legal claims;
— processing is necessary for reasons of relevant public interests;
— processing is necessary for preventive or occupational medicine, for the provision of health services or social assistance;
— processing is necessary for reasons of public health or professional secrecy;
— processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

NOTE As defined by Article 9 of the Regulation.
5.3.4 Data minimization

The controller shall, for all processing, always ensure that:

a) the organization processes the minimum quantity of personal data required to fulfil its legitimate purposes;
b) any other personal data which are not relevant are not gathered, unless the provision of such information is optional and the data are processed only with the consent of the data subject;
c) any processing activity and the relevant purposes are performed in accordance with the data protection notice;
d) new systems and processes involving processing of personal data are reviewed in order to guarantee that the processed information is relevant and not unnecessary.

5.3.5 Storage of data

Storage periods of personal data, or, where not possible, the criteria used to determine those periods, shall be:

a) defined by the controller considering the effective need for the purposes of processing and the periods indicated in the normative requirements and in the purposes of the processing; and
b) declared in the relevant data protection notices.

The controller shall keep documentation regarding the motivations leading to the definition of such periods.
5.4 Policy for personal data protection

The controller’s or processor’s top management shall establish a policy for personal data protection which:

a) is consistent with the purposes of the organization;
b) provides a reference framework for setting objectives for the protection of personal data;
c) includes a commitment to fulfil applicable requirements for the protection of personal data in compliance with the present document and with the reference personal data protection normative framework;
d) includes a commitment to continuously improve the protection of personal data;
e) is suitable for the corporate organization and its geographical location, the architecture and connection of the networks and IT systems and the existing policies concerning the exchange of data.

The policy for personal data protection shall:

— be documented;
— be communicated within the organization;
— be made available to all interested parties, external and internal, involved in the processing of personal data; and
— be periodically reviewed and updated if necessary.

The policy for personal data protection shall involve the coverage of all processing of personal data of data subjects covered by EU law.
5.5 Roles and responsibilities

5.5.1 General

The controller’s or processor’s top management shall ensure that the responsibilities and authority of the relevant roles are assigned and communicated.

The controller’s or processor’s top management shall assign the responsibilities and authority in order to:

a) ensure that the activities regarding the processing of personal data conform with the present document and with the normative reference standard framework; and
b) report the results of such activities to the top management.

c) Responsibilities shall be duly assigned for:

d) monitoring the compliance of the policy for personal data protection with the normative reference framework;
e) implementing the objectives for the protection of personal data, including those defined in the practice regarding the processing of personal data set out or specified in any code of conduct applicable to the organization;
f) managing the training program and creating awareness;
g) assigning authorizations for the processing of personal data;
h) defining and approving the following documented procedures for processing personal data:
   1) gathering and processing of personal data;
   2) management and communication of all information regarding the personal data protection;
   3) processing of requests made by data subjects;
   4) management of complaints;
   5) management of personal data breaches;
   6) management of suppliers and external officers;
   7) controls and any transfers of personal data to third parties or international organizations; and
   8) monitoring of normative updates and legal developments concerning the personal data protection.
5.5.2 Internal roles

5.5.2.1 Data protection manager

At least one member of the controller’s or processor’s management shall be designated as the person in charge of data protection matters for activities of the processing of personal data within an organization, in such a way as to manage compliance with the data protection requirements and best practices.

prEN 17740 defines the competence requirements applicable to the profile and its main characteristics.

5.5.2.2 Data protection officer

If a controller or a processor is required to nominate a data protection officer in accordance with Article 37 of the Regulation, or decides to do so owing to specific corporate needs, it shall nominate a person adequately qualified to perform such tasks and it shall assign this person’s role.

NOTE The assignment of the person’s role is described in Article 38 of the Regulation.

The contact details of the data protection officer shall be communicated to the competent supervisory authority and included in the data protection notices (see 6.2.1).

The data protection officer, or if such figure does not exist, an adequately qualified person, shall ensure at least the conduct of the tasks.

NOTE These tasks are set out in Article 39 of the Regulation.

prEN 17740 defines the competence
...
