UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

CEN - EN ISO/IEC 18045

Information technology - Security techniques - Methodology for IT security evaluation

inactive
Organization: CEN
Publication Date: 1 March 2020
Status: inactive
Page Count: 308
ICS Code (IT Security): 35.030
scope:

This International Standard is a companion document to the "Evaluation criteria for IT security", ISO/IEC 15408. This International Standard defines the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 evaluation, using the criteria and evaluation evidence defined in ISO/IEC 15408.

This International Standard does not define evaluator actions for certain high assurance ISO/IEC 15408 components, where there is as yet no generally agreed guidance.

Document History

EN ISO/IEC 18045
November 1, 2023
Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Methodology for IT security evaluation
This document defines the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 series evaluation, using the criteria and evaluation evidence defined in the ISO/IEC...
EN ISO/IEC 18045
March 1, 2020
Information technology - Security techniques - Methodology for IT security evaluation
This International Standard is a companion document to the “Evaluation criteria for IT security”, ISO/IEC 15408. This International Standard defines the minimum actions to be performed by an...

References

This document references:
ISO/IEC 15408-1 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model
Published by ISO on August 1, 2022
This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is...
This document references:
ISO/IEC 15408-2 - Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the required structure and content of security functional components for the purpose of security evaluation. It includes a catalogue of functional components that...
This document references:
ISO/IEC 15408-3 - Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component TOEs, the...
This document is referenced by:
BS PD ISO/IEC TR 15446-TC - Tracked Changes (Redline) - Information technology — Security techniques — Guidance for the production of protection profiles and security targets
Published by BSI on February 27, 2020
A description is not available for this item.
This document is referenced by:
SN EN 17640 - Fixed-time cybersecurity evaluation methodology for ICT products
Published by SNV on November 1, 2022
This document describes a cybersecurity evaluation methodology that can be implemented using pre-defined time and workload resources, for ICT products. It is intended to be applicable for all three...
This document is referenced by:
UNI EN 17640 - Fixed-time cybersecurity evaluation methodology for ICT products
Published by CEI on February 1, 2023
This document describes a cybersecurity evaluation methodology that can be implemented using pre-defined time and workload resources, for ICT products. It is intended to be applicable for all three...
This document is referenced by:
EN 17640 - Fixed-time cybersecurity evaluation methodology for ICT products
Published by CEN on October 1, 2022
This document describes a cybersecurity evaluation methodology that can be implemented using pre-defined time and workload resources, for ICT products. It is intended to be applicable for all three...
This document is referenced by:
BS EN 17640 - Fixed-time cybersecurity evaluation methodology for ICT products
Published by BSI on March 31, 2023
A description is not available for this item.
View Less
View All
Advertisement