Informationsteknik, kontorsutrustning

This document specifies an implementation schema based on the content models for geographic imagery and gridded thematic data defined in the ISO/TS 19163-1. This document defines a structure that is suitable for binding content components and specific encoding formats. It also provides an implementation schema for binding a concrete, implementable, conformance-testable coverage structure as defined in ISO 19123-2.

This document covers the digital interface at the product loading and/or discharge coupling which is used for the transfer of product related information and specifies the performance requirements, critical safety aspects and tests to provide compatibility of devices.

This document describes a methodology for specifying the privileges necessary to access EHR data. This methodology forms part of the overall EHR communications architecture defined in ISO 13606-1. This document seeks to address those requirements uniquely pertaining to EHR communications and to represent and communicate EHR-specific information that will inform an access decision. It also refers to general security requirements that apply to EHR communications and points at technical solutions and standards that specify details on services meeting these security needs. NOTE Security requirements for EHR systems not related to the communication of EHRs are outside the scope of this document.

This document gives guidelines for the implementation of the information management process, in accordance with the requirements of ISO 19650-2.

This document describes a taxonomy of the AI tasks related to computer vision. It includes AI tasks pertaining to either the analysis or generation of images and videos.

This document specifies requirements and provides guidance for risk management of AI systems. It specifies terminology, principles and a process for risk management. The process described in this document intends to assist providers of AI systems to identify the hazards associated with the AI systems, to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls. The process described in this document applies to risks to health, safety and fundamental rights associated with an AI system. The process described in this document is applied throughout the life cycle of the AI system. This document requires providers to establish objective criteria for risk acceptability but does not specify acceptable risk levels. This document is intended for use by organizations providing AI systems, regardless of their size, nature or location. This document is not intended for managing risk faced by organizations. This document is intended to support the organization in meeting applicable regulatory requirements.

This document addresses organizational and technical solutions aimed at ensuring the cybersecurity of high-risk AI systems over the life cycle, appropriate to the relevant circumstances and the risks. The technical solutions to address AI-specific vulnerabilities include, where appropriate, measures to prevent, detect, respond to, resolve and control for attacks trying to manipulate the training dataset (data poisoning), or pre-trained components used in training (model poisoning), inputs designed to cause the model to make a mistake (adversarial examples or model evasion), confidentiality attacks or model flaws. This document provides objective criteria to enable decisions on whether a given technical or organizational solution adequately achieves a given vulnerability-related goal.

The function of EN 15430 is to combine any vehicle equipment with different board computers to any client application server. This document specifies the interface and protocol needed between the information supplier server and the client application server (flow 3 as illustrated in Figure 1) to allow distribution of data without any restrictions to the technology used to gather the data like manufacturer specific protocols, WLANS systems, memory cards, etc.

I detta dokument, som föreslås som ett tillägg till SS 12000:2024, beskrivs förslagen till ändringarna i tillägget. 

Godkända ändringar kommer att införlivas i SS 12000:2024 som då kommer att publiceras i en ny utgåva med beteckningen SS 12000:2024+T1:2026. 

I detta dokument indikeras förslagen på ändringar genom att de omsluts av följande taggar: 

Anmärkning:   SIS använder samma taggar som CEN och ISO där ”A” står för Amendment (tillägg) och siffran står för tilläggets nummer.

Detta dokument innehåller enbart den text i SS 12000:2024 som är kopplad till förslagen på ändringar. Enbart kommentarer på förslagen på ändringar kommer att beaktas

ISO/IEC 19788-4:2014 specifies, in a rule-based manner, metadata elements and their attributes for the description of learning resources. This includes the rules governing the identification of metadata elements and the specification of metadata attributes.

These metadata elements are used to form the description of a learning resource, i.e. as a metadata learning resource (MLR) record.

This part of ISO/IEC 19788 specifies, using ISO/IEC 19788-1, technical aspects of learning resources, i.e., requirements for use, location, size, etc.

This document specifies refinements for an application of EN ISO/IEC 27701 in a European context. This document is applicable to the same entities as is ISO/IEC 27701: all types and sizes of organizations, including public and private companies, government entities and not-for-profit organizations, which are PII controllers and/or PII processors. An organization can use this document for the implementation of the generic requirements and controls of EN ISO/IEC 27701 according to its context and its applicable obligations. Certification criteria based on these refinements can provide a certification model under ISO/IEC 17065 for processing operations performed within the scope of a privacy information management system according to EN ISO/IEC 27701, which can be combined with certification requirements for EN ISO/IEC 27701 under ISO/IEC 17021.

This document: - defines terms for identity management and specifies core concepts of identity and identity management, and their relationships; - is applicable to any information system where information relating to identity is processed or stored; - is considered to be a horizontal document for the following reasons: - it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, - it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.

This document: - provides guidelines for the implementation of systems for the management of identity information; - specifies requirements for the implementation and operation of a framework for identity management; - is applicable to any information system where information relating to identity is processed or stored; - is considered to be a horizontal document for the following reasons: - it applies concepts such as distinguishing the term "identity" from the term "identifier" on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, - it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management

- provides requirements and guidance for the management of identity information and for ensuring that an identity management system conforms to ISO/IEC 24760-1 and ISO/IEC 24760-2; - is applicable to any information system where information relating to identity is processed or stored; - is considered to be a horizontal document for the following reasons: - it applies concepts such as distinguishing the term “identity” from the term “identifier” on the implementation of systems for the management of identity information and on the requirements for the implementation and operation of a framework for identity management, - it provides an important contribution to assess identity management systems with regard to their privacy-friendliness and their ability to assure the relevant attributes of an identity, and consequently it provides a foundation and a common understanding for any other standard addressing identity, identity information, and identity management.

This document contains the basic control strategy, minimum functionality requirements, basic driver interface elements, minimum requirements for diagnostics and reaction to failure, and performance test procedures for Adaptive Cruise Control (ACC) systems.

ACC systems are realised as either Full Speed Range Adaptive Cruise Control (FSRA) systems or Limited Speed Range Adaptive Cruise Control (LSRA) systems. LSRA systems are further distinguished into two types, requiring manual or automatic clutch. Adaptive Cruise Control is fundamentally intended to provide longitudinal control of equipped vehicles while travelling on highways (roads where non-motorized vehicles and pedestrians are prohibited) under free-flowing and for FSRA-type systems also for congested traffic conditions. ACC can be augmented with other capabilities, such as forward obstacle warning. For FSRA-type systems the system will attempt to stop behind an already tracked vehicle within its limited deceleration capabilities and will be able to start again after the driver has input a request to the system to resume the journey from standstill. The system is not required to react to stationary or slow moving objects

This document contains guidelines for developing and establishing policies and procedures for deletion of personally identifiable information (PII) in organizations by specifying: —   a harmonized terminology for PII deletion; —   an approach for defining deletion rules in an efficient way; —   a description of required documentation; —   a broad definition of roles, responsibilities and processes. This document is intended to be used by organizations where PII is stored or processed. This document does not address: —   specific legal provision, as given by national law or specified in contracts; —   specific deletion rules for particular clusters of PII that are defined by PII controllers for processing PII; —   deletion mechanisms; —   reliability, security and suitability of deletion mechanisms; —   specific techniques for de-identification of data.

This document specifies requirements and guidance for the interoperability of data, data sharing mechanisms, and services within data spaces. It covers requirements, criteria and implementation guidance on: - dataset content, use restrictions, licences, data collection methodology, data quality and uncertainty, and on machine-readable formats to find, access and use of data; - data structures, data formats, vocabularies, classification schemes, taxonomies and code lists, and how to describe these elements a publicly available and consistent manner; - technical means to access the data, such as application programming interfaces, and their terms of use and quality of service to enable automatic access and transmission of data between parties; - where applicable, the means to enable the interoperability of tools for automating the execution of data sharing contracts. This document is applicable to all organizations participating in dataspaces, regardless of their size or type.

This document provides terminology, concepts, requirements, and guidance for logging of AI systems. It is primarily intended for organizations placing on the market or putting into service AI systems and is not specific to any particular sector.