UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

CEN - PREN 18037

Guidelines on a sectoral cybersecurity assessment

pending, Most Current
Organization: CEN
Publication Date: 1 November 2023
Status: pending
Page Count: 66
ICS Code (IT Security): 35.030
scope:

This document specifies an approach that supports the risk-based identification of cybersecurity, certification and assurance requirements to ICT products, processes and services for complex multi-stakeholder sectoral systems.

The sectoral cybersecurity assessment process includes all steps necessary to define, implement and maintain such requirements.

Document History

PREN 18037
November 1, 2023
Guidelines on a sectoral cybersecurity assessment
This document specifies an approach that supports the risk-based identification of cybersecurity, certification and assurance requirements to ICT products, processes and services for complex...

References

This document references:
EN 17927 - Security Evaluation Standard for IoT Platforms (SESIP). An effective methodology for applying cybersecurity assessment and re-use for connected products.
Published by CEN on November 1, 2023
This document specifies a cybersecurity evaluation methodology, named SESIP, for platforms and platform parts of connected IoT products. Security claims in SESIP are made based on the security...
This document references:
ISO 31000 - Risk management - Guidelines
Published by ISO on February 1, 2018
This document provides guidelines on managing risk faced by organizations. The application of these guidelines can be customized to any organization and its context. This document provides a common...
This document references:
ISO/IEC 15408-1 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model
Published by ISO on August 1, 2022
This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is...
This document references:
ISO/IEC 15408-2 - Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the required structure and content of security functional components for the purpose of security evaluation. It includes a catalogue of functional components that...
This document references:
ISO/IEC 15408-3 - Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component TOEs, the...
View Less
View All
Advertisement