Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — P...
1 Scope
This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders.
EXAMPLE Examples of provided packages include the evaluation assurance levels (EAL) and the composed assurance packages (CAPs).
This document presents:
— evaluation assurance level (EAL) family of packages that…
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — M...
Scope
This document defines the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 series evaluation, using the criteria and evaluation evidence defined in the ISO/IEC 15408 series.
Consumer protection — Privacy by design for consumer goods and services — Part 2: Use cases
This document provides illustrative use cases, with associated analysis, chosen to assist in understanding the requirements of 31700-1.
The intended audience includes engineers and practitioners who are involved in the development, implementation or operation of digitally enabled consumer goods and services.
Consumer protection — Privacy by design for consumer goods and services — Part 1: High-level require...
This document establishes high-level requirements for privacy by design to protect privacy throughout the lifecycle of a consumer product, including data processed by the consumer.
This document does not contain specific requirements for the privacy assurances and commitments that organizations can offer consumers nor does it specify particular methodologies that an organization can adopt to…
Mobile financial services — Customer identification guidelines
This document provides guidelines for customer identification in mobile financial services (MFS), including:
— a general framework of customer identification for MFS;
— the multi-dimensional overall identity assurance level (AL) of an MFS customer and its evaluation criteria;
— security and privacy considerations.
This document also contains annexes which demonstrate how to apply the ALs…
Information security, cybersecurity and privacy protection — Information security controls
1 Scope
This document provides a reference set of generic information security controls including
implementation guidance. This document is designed to be used by organizations:
a) within the context of an information security management system (ISMS) based on ISO/IEC 27001;
b) for implementing information security controls based on internationally recognized best practices;
c) for…
IEC TS 63134:2020+AMD1:2022 identifies AAL scenarios and use cases based on real-world applications and requirements. The use cases provide a practical context for considerations of interoperability and standards based on user experience. Use cases provide a context for utilizing existing standards and identifying further standardization work. User requirements have also been identified. This…
