Systems and software engineering — Life cycle profiles for very small entities (VSEs) — Part 5-3: Se...
1.1 Fields of application
These Service Delivery guidelines are applicable to Very Small Entities (VSEs). A VSE is an enterprise, an organization, a department or a project having up to 25 people.
ISO/IEC TR 29110-5-3:2018 provides guidance to manage a set of services delivered to customers. The VSE can act as an internal service provider (providing services internal to the VSE) or as an external…
Information security, cybersecurity and privacy protection – Guidelines for protection of personally...
This document establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in line with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.
In particular, this document specifies guidelines based on ISO/IEC 27002, taking into consideration the regulatory requirements for the…
Conformity assessment — Guidance for drafting normative documents suitable for use for conformity as...
This document provides principles and guidance for developing normative documents that contain:
- specified requirements for objects of conformity assessment to fulfil;
- specified requirements for conformity assessment systems that can be employed when demonstrating whether an object of conformity assessment fulfils specified requirements.
This document is intended for use by standards developers…
Exchange formats for audit data collection — Government regulated financial reports and payroll exte...
The Government Regulated Financial Reports and Payroll Extension (DIS 5405) defines the functional requirements for exchanging reports and payroll audit data in flat file tables. This proposal concerns the specification of technical exchange formats in Extensible Markup Language (XML), JavaScript Object Notation (JSON) and flat file (CSV) as output file formats for the functional content defined…
Financial services — Natural person identifier (NPI) — Natural person identifier lifecycle operation...
This document provides an overview of regulatory, business and best practice risk mitigation requirements that would apply to the implementation, operation and governance of NPI policies, procedures and mechanisms necessary to support the lifecycle of all NPIs. It also lists the issues and challenges the working group has come across since working on AWI 24366-2, which have to be addressed…
Information security, cybersecurity and privacy protection — Information security management systems...
ISO/IEC 27000:2018 provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is applicable to all types and sizes of organization (e.g. commercial enterprises, government agencies, not-for-profit organizations).
The terms and definitions provided in this document
- cover commonly…
Security controls and implementation for third party payment service providers - Guidance and requir...
This document provides security controls and implementation guides for third party payment service providers (TPPSPs). These security controls consist of:
- Security governance control group
- Cross-sectional control group
- Section-specific control group
- Audit and assurance control group
In ISO/AWI TS 9546, the guidelines for security framework of information…