The development of standards for the protection of information and ICT. This includes generic methods, techniques and guidelines to address both security and privacy aspects, such as: SC 27 engages in active liaison and collaboration with appropriate bodies to ensure the proper development and application of SC 27 standards and technical reports in relevant areas. – Security requirements capture methodology; – Management of information and ICT security; in particular information security management systems (ISMS), security processes, security controls and services; – Cryptographic and other security mechanisms, including but not limited to mechanisms for protecting the accountability, availability, integrity and confidentiality of information; – Security management support documentation including terminology, guidelines as well as procedures for the registration of security components; – Security aspects of identity management, biometrics and privacy; – Conformance assessment, accreditation and auditing requirements in the area of information security; – Security evaluation criteria and methodology.
Status: Published
Publication Date: 2019-10-10
Category: Cybersecurity
Working Group:
