Rechercher

This part of ISO 9564 specifies the basic principles and techniques which provide the minimum security measures required for effective international PIN management. These measures are applicable to those institutions responsible for implementing techniques for the management and protection of PINs. This part of ISO 9564 also specifies PIN protection techniques applicable to financial transaction…

Introduction - The Purpose of This Workbook The Publication CAN/CSA-Q830, A Model Code for the Protection of Personal Information, referred to as the CSA Code, (a) provides the principles for the management of personal information; (b) specifies the minimum requirements for the adequate protection of personal information held by participating organizations; (c) makes the Canadian…

1. Scope 1.1 This model code describes the minimum requirements for the protection of personal information. Any applicable legislation must be considered in implementing these requirements. 1.2 This Standard may be applied to all personal information. Provided the minimum requirements are met, organizations may tailor this Standard to meet their specific circumstances. For example,…

Introduction The Model Code for the Protection of Personal Information being developed under the auspices of the Canadian Standards Association (CSA) has the potential to advance the cause of personal-data protection in Canada. No other country has attempted to negotiate and establish on a voluntary basis a general minimum standard for privacy protection in its private sector. As an…

This document provides a standardized framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities. This document does not specify how to evaluate, adopt, or maintain evaluation methods and evaluation activities. These aspects are a matter for those originating the evaluation methods and evaluation activities in their particular area of interest.

This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is meant to be used as the basis for evaluation of security properties of IT products. This document provides an overview of all parts of the ISO/IEC 15408 series. It describes the various parts of the…

This document: ·       defines terms for identity management and specifies core concepts of identity and identity management, and their relationships, ·       is applicable to any information system where information relating to identity is processed or stored, ·       has been given the status of a horizontal document, as it applies concepts such as distinguishing the term “identity” from the…

This document provides an approach that support stakeholders in a supply chain to accomplish a chain of trust regarding properties of identifiable material goods along a supply chain. This document gives guidance on the identification of trust domains and their corresponding trustworthiness attributes, and the measures to achieve the targeted trustworthiness attributes. As a supply chain…

This document: •       provides guidelines for the implementation of systems for the management of identity information, and •       specifies requirements for the implementation and operation of a framework for identity management. This document is applicable to any information system where information relating to identity is processed or stored." to “This document: ·       provides…

ISO/IEC 27017:2015 gives guidelines for information security controls applicable to the provision and use of cloud services by providing: - additional implementation guidance for relevant controls specified in ISO/IEC 27002; - additional controls with implementation guidance that specifically relate to cloud services. This Recommendation | International Standard provides controls and…