UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

CEN - EN ISO/IEC 15408-3

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 3: Security assurance components

active, Most Current
Organization: CEN
Publication Date: 1 December 2023
Status: active
Page Count: 204
ICS Code (IT Security): 35.030
scope:

This document defines the assurance requirements of the ISO/IEC 15408 series. It includes the individual assurance components from which the evaluation assurance levels and other packages contained in ISO/IEC 15408-5 are composed, and the criteria for evaluation of Protection Profiles (PPs), PP-Configurations, PP-Modules, and Security Targets (STs).

Document History

EN ISO/IEC 15408-3
December 1, 2023
Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 3: Security assurance components
This document defines the assurance requirements of the ISO/IEC 15408 series. It includes the individual assurance components from which the evaluation assurance levels and other packages contained...
EN ISO/IEC 15408-3
March 1, 2020
Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components
This part of ISO/IEC 15408 defines the assurance requirements of ISO/IEC 15408. It includes the evaluation assurance levels (EALs) that define a scale for measuring assurance for component Targets of...

References

This document references:
ISO/IEC 15408-4 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 4: Framework for the specification of evaluation methods and activities
Published by ISO on August 1, 2022
This document provides a standardized framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities. This document does not specify how to evaluate,...
This document references:
ISO/IEC 15408-5 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 5: Pre-defined packages of security requirements
Published by ISO on August 1, 2022
This document provides packages of security assurance and security functional requirements that have been identified as useful in support of common usage by stakeholders. EXAMPLE Examples of provided...
This document references:
ISO 10007 - Quality management - Guidelines for configuration management
Published by ISO on March 1, 2017
This document provides guidance on the use of configuration management within an organization. It is applicable to the support of products and services from concept to disposal
This document references:
ISO/IEC 15408-1 - Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Part 1: Introduction and general model
Published by ISO on August 1, 2022
This document establishes the general concepts and principles of IT security evaluation and specifies the general model of evaluation given by various parts of the standard which in its entirety is...
This document references:
ISO/IEC 15408-2 - Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional components
Published by ISO on August 15, 2008
This part of ISO/IEC 15408 defines the required structure and content of security functional components for the purpose of security evaluation. It includes a catalogue of functional components that...
This document references:
ISO/IEC 18045 - Information technology - Security techniques - Methodology for IT security evaluation
Published by ISO on August 15, 2008
A description is not available for this item.
This document references:
ISO/IEC/IEEE 24765 - Systems and software engineering - Vocabulary
Published by ISO on September 1, 2017
General Consistent with ISO vocabulary standards, each technical committee is responsible for standard terminology in its area of specialization. This document provides a common vocabulary applicable...
View Less
View All
Advertisement