CEN/CLC/JTC 13/WG 3 - Security evaluation and assessment
Security evaluation and assessment
General Information
This TS provides requirements and ISO/IEC 17065 interpretations for Conformity Assessment Bodies (CABs) assessing Cloud Services
This TS is intended to be used by the National Accreditation Bodies (NABs), as well as CABs.
- Technical specification45 pagesEnglish languagesale 10% offe-Library read for1 day
This document describes a cybersecurity evaluation methodology, named SESIP, for components of connected ICT products. Security claims in SESIP are made based on the security services offered by those components. Components can be in hardware and software. SESIP aims to support comparability between and reuse of independent security evaluations. SESIP provides a common set of requirements for the security functionality of components which apply to the foundational components of devices that are not application specific. The methodology describes the re-use of evaluation results.
- Standard101 pagesEnglish languagesale 10% offe-Library read for1 day
The scope of EN 17640 remains unchanged, adding the content of composition within:
This document describes a cybersecurity evaluation methodology that can be implemented using pre-defined time and workload
resources, for ICT products. It is intended to be applicable for all three assurance levels defined in the CSA (i.e. basic, substantial and
high).
The methodology is comprised of different evaluation blocks including assessment activities that comply with the evaluation
requirements of the CSA for the mentioned three assurance levels. Where appropriate, it can be applied both to 3rd party evaluation
and self-assessment.
- Draft11 pagesEnglish languagesale 10% offe-Library read for1 day