Programutveckling och systemdokumentation

Se merSe mindre
 

This International Standard specifies requirements and provides guidance for bodies providing audit and certification of an information security management system (ISMS), in addition to the requirements contained within ISO/IEC 17021-1 and ISO/IEC 27001. It is primarily intended to support the accreditation of certification bodies providing ISMS certification.

The requirements contained in this International Standard need to be demonstrated in terms of competence and reliability by any body providing ISMS certification, and the guidance contained in this International Standard provides additional interpretation of these requirements for any body providing ISMS certification.

NOTE This International Standard can be used as a criteria document for accreditation, peer assessment or other audit processes.

Se merSe mindre
 

This Recommendation | International Standard gives guidelines for information security controls applicable to the provision and use of cloud services by providing:

– additional implementation guidance for relevant controls specified in ISO/IEC 27002;

– additional controls with implementation guidance that specifically relate to cloud services.

This Recommendation | International Standard provides controls and implementation guidance for both cloud service providers and cloud service customers.

Kommittébeteckning: SIS/TK 611 (Informationsteknik)
Källa: ISO
Svarsdatum: den 23 nov 2020
Se merSe mindre
 

This document provides an explanation of considerations involved in defining a process. This document gives requirements and recommendations for the description of processes by identifying elements and rules for their formulation.

This document also describes the use of process views.

This document explains how conformance to a process can be defined, when the process is described in accordance with this document.

This document does not describe how processes are composed or otherwise aggregated into larger frameworks or life cycle models. Nor does the document cover how to assess or evaluate the performance of a process, or the output (products) of a process.

NOTE Two prominent International Standards in process description for software and system engineering are ISO/IEC IEEE 12207 and ISO/IEC IEEE 15288. These two standards have very similar process models. The information items associated with their process definitions are given in ISO/IEC IEEE 15289. Other International Standards provide further characterization of a single life cycle process by elaborating the process elements and levying specific requirements on the execution of the process.

This document is applicable when processes are described for various process definitions in any party, organization or standard relating to systems and software engineering processes.