This document provides the specialized requirements to demonstrate competence of individuals in performing IT product security evaluations in accordance with ISO/IEC 15408 (all parts) and
ISO/IEC 18045.
This document includes knowledge and skills especially in the following areas.
— Information security Knowledge: Information security principles, information security properties, information security threats and vulnerabilities
Skills: Understand information security requirements, understand the context — Information security evaluation Knowledge: Knowledge of ISO/IEC 15408 (all parts) and ISO/IEC 18045, laboratory management system
Skills: Basic evaluation skills, core evaluation skills, skills required when evaluating specific security assurance classes, skills required when evaluating specific security functional requirements classes — Information systems architecture Knowledge: Technology being evaluated
Skills: Understand the interaction of security components and information — Information security testing Knowledge: Information security testing techniques, information security testing tools, product development lifecycle, test types
Skills: Create and manage an information security test plan, design information security tests, prepare and conduct information security tests Source: https://www.iso.org/standard/71122.html
Status: Published
Publication Date: 2018-08-01
Category: Cybersecurity
Working Group:
