Cart (0)
  • No items in cart.
Total
$0
There is a technical issue about last added item. You can click "Report to us" button to let us know and we resolve the issue and return back to you or you can continue without last item via click to continue button.
Home
Content
Tour
eLibrary
Store
Search book title
Filters:
FORMAT
BOOKS
All Books
PACKAGES
All Packages
EDITION
to
PUBLISHER
AABC
(1)
AAMI
(337)
ACI
(589)
AISC
(54)
ASA
(234)
ASCE
(996)
ASHRAE
(657)
ASME
(2161)
ASSE
(117)
ASTM
(94394)
AWC
(54)
AWWA
(568)
BHMA
(124)
BICSI
(33)
BIFMA
(21)
BOMA
(20)
BSI
(94534)
CHD
(3)
CRSI
(17)
IAHSS
(1)
IAPMO
(374)
ICC
(315)
IEEE
(6731)
IES
(241)
ISEA
(16)
Joint Commission
(184)
Joint Commission Int.
(1)
NETA
(6)
NFPA
(1646)
TCNA
(17)
TMS
(19)
USGBC
(28)
WILEY
(4)
 
AR
(6)
AZ
(7)
CA
(115)
CT
(3)
FL
(57)
ID
(5)
IL
(5)
IN
(1)
KY
(1)
LA
(2)
MI
(25)
MN
(27)
NC
(27)
NJ
(13)
NY
(61)
OH
(24)
OR
(22)
PA
(7)
RI
(8)
SC
(20)
SD
(1)
TX
(3)
VA
(50)
VT
(6)
WA
(31)
CONTENT TYPE
 Act
 Admin Code
 Announcements
 Bill
 Book
 CADD File
 CAN
 CEU
 Charter
 Checklist
 City Code
 Code
 Commentary
 Comprehensive Plan
 Conference Paper
 County Code
 Course
 DHS Documents
 Document
 Errata
 Executive Regulation
 Federal Guideline
 Firm Content
 Guideline
 Handbook
 Interpretation
 Journal
 Land Use and Development
 Law
 Legislative Rule
 Local Amendment
 Local Code
 Local Document
 Local Regulation
 Local Standards
 Manual
 Model Code
 Model Standard
 Notice
 Ordinance
 Other
 Paperback
 PASS
 Periodicals
 PIN
 Plan
 Policy
 Product
 Product - Data Sheet
 Program
 Provisions
 Requirements
 Revisions
 Rules & Regulations
 Standards
 State Amendment
 State Code
 State Manual
 State Plan
 State Standards
 Statute
 Study Guide
 Supplement
 Sustainability
 Technical Bulletin
 All
  • BSI
    20/30362617 DC BS ISO/IEC 15408-4. Information security, cybersecurity and privacy protection. Evaluation criteria for IT security - Part 4. Framework for the specification of evaluation methods and activities
    Edition: 2020
    $44.66
    / user per year

Description of 20/30362617 DC 2020

The model of security evaluation in ISO/IEC 15408-1:20XX provides high-level generic Evaluation Activities which are defined in ISO/IEC 18045. More specific Evaluation Activities may be derived from these generic work units for particular situations such as for SFRs or SARs applied to specific technologies or TOE types. This document describes a framework that can be used for deriving Evaluation Activities from work units of ISO/IEC 18045 and grouping them into ‘Evaluation Methods’. Evaluation Activities or Evaluation Methods may be included in PPs and any documents supporting them. Where a PP, PP-Module, package, or Security Target (ST) identifies that specific Evaluation Methods/Evaluation Activities are to be used, then the evaluators are required by ISO/IEC 18045 to follow and report the relevant Evaluation Methods/Evaluation Activities when assigning evaluator verdicts. As noted in ISO/IEC 15408-1, in some cases an evaluation scheme may not approve the use of particular Evaluation Methods/Evaluation Activities: in such a case the evaluation scheme may decide not to carry out evaluations following an ST that requires those Evaluation Methods/Evaluation Activities.

This document also allows for Evaluation Activities to be defined for extended SARs, in which case derivation of the Evaluation Activities relates to equivalent action elements and work units defined for that extended SAR. Where reference is made in this document to the use of ISO/IEC 18045 or ISO/IEC 15408-3 for SARs (such as when defining rationales for Evaluation Activities) then in the case of an extended SAR the reference applies instead to the equivalent action elements and work units defined for that extended SAR.

For clarity, this document specifies how to define Evaluation Methods and Evaluation Activities but does NOT itself specify instances of Evaluation Methods or Evaluation Activities .

This document does not specify how to evaluate, adopt, or maintain Evaluation Methods and Evaluation Activities. These aspects are a matter for those originating the Evaluation Methods and Evaluation Activities a in their particular area of interest.



Standard Number20/30362617 DC
TitleBS ISO/IEC 15408-4. Information security, cybersecurity and privacy protection. Evaluation criteria for IT security - Part 4. Framework for the specification of evaluation methods and activities
StatusDefinitive
Publication Date2020-05-29
Identical National Standard OfISO/IEC DIS 15408-4
DescriptorsAssets, Data processing, Quality assurance, Consumers, Data storage protection, Estimation, Acceptance (approval), Information exchange, Data security, Selection
ICS35.030 IT Security
CommitteeIST/33/3
PublisherBSI
Pages26

About BSI

BSI Group, also known as the British Standards Institution is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses.
GROUPS
X