The development of standards for the protection of information and ICT. This includes generic methods, techniques and guidelines to address both security and privacy aspects, such as: SC 27 engages in active liaison and collaboration with appropriate bodies to ensure the proper development and application of SC 27 standards and technical reports in relevant areas – Security requirements capture methodology; – Management of information and ICT security; in particular information security management systems, security processes, and security controls and services; – Cryptographic and other security mechanisms, including but not limited to mechanisms for protecting the accountability, availability, integrity and confidentiality of information; – Security management support documentation including terminology, guidelines as well as procedures for the registration of security components; – Security aspects of identity management, biometrics and privacy; – Conformance assessment, accreditation and auditing requirements in the area of information security management systems; – Security evaluation criteria and methodology.
Status: Published
Publication Date:
Category: Cybersecurity
Working Group: ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
