UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

SNV - SN EN ISO/IEC 30111

Information technology - Security techniques - Vulnerability handling processes

active, Most Current
Organization: SNV
Publication Date: 1 November 2020
Status: active
Page Count: 24
ICS Code (IT Security): 35.030
scope:

This Document provides requirements and recommendations for how to process and remediate reported potential vulnerabilities in a product or service

This Document applicable to vendors involved in handling vulnerabilities

Document History

SN EN ISO/IEC 30111
November 1, 2020
Information technology - Security techniques - Vulnerability handling processes
This Document provides requirements and recommendations for how to process and remediate reported potential vulnerabilities in a product or service This Document applicable to vendors involved in...

References

This document references:
ISO/IEC 27000 - Information technology - Security techniques - Information security management systems - Overview and vocabulary
Published by ISO on February 1, 2018
This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is...
This document references:
ISO/IEC 27034-1 - Information technology - Security techniques - Application security - Part 1: Overview and concepts TECHNICAL CORRIGENDUM 1
Published by ISO on January 15, 2014
A description is not available for this item.
This document references:
ISO/IEC 29147 - Information technology - Security techniques - Vulnerability disclosure
Published by ISO on October 1, 2018
This document provides requirements and recommendations to vendors on the disclosure of vulnerabilities in products and services. Vulnerability disclosure enables users to perform technical...
This document references:
ISO 28001 - Security management systems for the supply chain — Best practices for implementing supply chain security, assessments and plans — Requirements and guidance
Published by ISO on October 15, 2007
This International Standard provides requirements and guidance for organizations in international supply chains to — develop and implement supply chain security processes; — establish and document a...
This document references:
ISO/IEC 15408-3 - Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component TOEs, the...
View Less
View All
Advertisement