Information security, cybersecurity and privacy protection — Security and privacy requirements for a...
This document provides high level security and privacy requirements for authentication using biometrics on mobile devices, including security and privacy requirements for functional components, for communication, for storage and for remote processing.
This document is applicable to remote modes, i.e., the cases that:
- the biometric sample is captured through mobile devices;
- the biometric…
Information technology — Cross jurisdictional and societal aspects of implementation of biometric te...
This document provides guidance on the specific considerations that need to be given when using
biometrics for major incident response. The following aspects are included within the scope of this
document:
• managing people and their identities (living or deceased) to co-ordinate the emergency response
effort
• linking reported missing persons to unidentified victims, reuniting relatives and…
This document specifies the contact tracing of the confirmed cases of infectious diseases for a public health emergency (PHE) response. The scope of the document includes:
overview and general procedures of contact tracing
requirements and privacy protection guidance in contact tracing The procedures given in this document may be applicable to the contact tracing except that the procedures…
This proposed standard is for anybody who creates or help create legal and related documents. It builds, and relies, on the foundation for plain language in WD 24495-1, Plain Language — Part 1: Governing Principles and Guidelines. This standard, Plain Language — Part 2 Legal Writing and Drafting, will add guidance and techniques to help authors make sure that people affected by legal and related…
Information security, cybersecurity and privacy protection — Requirements for the competence of IT s...
ISO/IEC 19896-1:2018 defines terms and establishes an organized set of concepts and relationships to understand the competency requirements for information security assurance conformance-testing and evaluation specialists, thereby establishing a basis for shared understanding of the concepts and principles central to the ISO/IEC 19896 series across its user communities. It provides fundamental…
Requirements for bodies providing audit and certification of privacy information management systems
This document specifies requirements and provides guidance for bodies providing audit and certification of a privacy information management system (PIMS) according to ISO/IEC 27701 in combination with ISO/IEC 27001, in addition to the requirements contained within ISO/IEC 27006. It is primarily intended to support the accreditation of certification bodies providing PIMS certification.
The…
Information technology — Cross-jurisdictional and societal aspects of implementation of biometric te...
This document describes potential applications of biometrics in identity management systems used for medical and healthcare purposes. It provides feedback from healthcare practitioners on the benefits, drawbacks, risks and priority of implementing certain use cases of healthcare with biometrics. For those use cases, information to system designers related to the selection of biometric type and…
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — M...
This document defines the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 series evaluation, using the criteria and evaluation evidence defined in the ISO/IEC 15408 series.
