Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 4: Framework for the specification of evaluation methods and activities

This document provides a standardized framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities. This document does not specify how to evaluate, adopt, or maintain evaluation methods and evaluation activities. These aspects are a matter for those originating the evaluation methods and evaluation activities in their particular area of interest.

Sécurité de l'information, cybersécurité et protection de la vie privée — Critères d'évaluation pour la sécurité des technologies de l'information — Partie 4: Cadre prévu pour la spécification des méthodes d'évaluation et des activités connexes

General Information

Status
Published
Publication Date
08-Aug-2022
Current Stage
9092 - International Standard to be revised
Completion Date
27-Oct-2023
Ref Project

Buy Standard

Standard
ISO/IEC 15408-4:2022 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 4: Framework for the specification of evaluation methods and activities Released:9. 08. 2022
English language
16 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)

INTERNATIONAL ISO/IEC
STANDARD 15408-4
First edition
2022-08
Information security, cybersecurity
and privacy protection — Evaluation
criteria for IT security —
Part 4:
Framework for the specification of
evaluation methods and activities
Sécurité de l'information, cybersécurité et protection de la vie privée
— Critères d'évaluation pour la sécurité des technologies de
l'information —
Partie 4: Cadre prévu pour la spécification des méthodes d'évaluation
et des activités connexes
Reference number
ISO/IEC 15408-4:2022(E)
© ISO/IEC 2022

---------------------- Page: 1 ----------------------
ISO/IEC 15408-4:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
  © ISO/IEC 2022 – All rights reserved

---------------------- Page: 2 ----------------------
ISO/IEC 15408-4:2022(E)
Contents Page
Foreword .iv
Introduction . vi
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General model of evaluation methods and evaluation activities .1
4.1 Concepts and model . 1
4.2 Deriving evaluation methods and evaluation activities . 3
4.3 Verb usage in the description of evaluation methods and evaluation activities . 5
4.4 Conventions for the description of evaluation methods and evaluation activities . 6
5 Structure of an evaluation method .6
5.1 Overview . 6
5.2 Specification of an evaluation method . 7
5.2.1 Overview . 7
5.2.2 Identification of evaluation methods . 8
5.2.3 Entity responsible for the evaluation method . 9
5.2.4 Scope of the evaluation method . 9
5.2.5 Dependencies . 9
5.2.6 Required input from the developer or other entities . 9
5.2.7 Required tool types . 10
5.2.8 Requi
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.