ISO/IEC 15408-3:2022
(Main)Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 3: Security assurance components
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 3: Security assurance components
This document defines the assurance requirements of the ISO/IEC 15408 series. It includes the individual assurance components from which the evaluation assurance levels and other packages contained in ISO/IEC 15408-5 are composed, and the criteria for evaluation of Protection Profiles (PPs), PP-Configurations, PP-Modules, and Security Targets (STs).
Sécurité de l'information, cybersécurité et protection de la vie privée — Critères d'évaluation pour la sécurité des technologies de l'information — Partie 3: Composants d'assurance de sécurité
General Information
Relations
Standards Content (Sample)
INTERNATIONAL ISO/IEC
STANDARD 15408-3
Fourth edition
2022-08
Information security, cybersecurity
and privacy protection — Evaluation
criteria for IT security —
Part 3:
Security assurance components
Sécurité de l'information, cybersécurité et protection de la vie
privée — Critères d'évaluation pour la sécurité des technologies de
l'information —
Partie 3: Composants d'assurance de sécurité
Reference number
ISO/IEC 15408-3:2022(E)
© ISO/IEC 2022
---------------------- Page: 1 ----------------------
ISO/IEC 15408-3:2022(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2022
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
© ISO/IEC 2022 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 15408-3:2022(E)
Contents Page
Foreword .x
Introduction .xii
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 Overview . 5
5 Assurance paradigm .6
5.1 General . 6
5.2 ISO/IEC 15408 series approach . 6
5.3 Assurance approach . 6
5.3.1 General . 6
5.3.2 Significance of vulnerabilities . 6
5.3.3 Cause of vulnerabilities . 7
5.3.4 ISO/IEC 15408 series assurance . 7
5.3.5 Assurance through evaluation . 7
5.4 ISO/IEC 15408 series evaluation assurance scale . 8
6 Security assurance components . 8
6.1 General . 8
6.2 Assurance class structure .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.