Information technology, office equipment

Committee designation: SIS/TK 318 (Information security)
Source: CEN
Response date: 21 Jan 2020
This International Standard specifies the security requirements for a cryptographic module utilised within a security system protecting sensitive information in computer and telecommunication systems. This International Standard defines four security levels for cryptographic modules to provide for a wide spectrum of data sensitivity (e.g. low value administrative data, million dollar funds transfers, life protecting data, personal identity information, and sensitive information used by government) and a diversity of application environments (e.g. a guarded facility, an office, removable media, and a completely unprotected location). This International Standard specifies four security levels for each of 11 requirement areas with each security level increasing security over the preceding level.

This International Standard specifies security requirements intended to maintain the security provided by a cryptographic module. Compliance with this International Standard is not sufficient to ensure that a particular module is secure or that the security provided by the module is sufficient and acceptable to the owner of the information that is being protected.

Subject areas: Management systems; IT security
Committee designation: SIS/TK 318 (Information security)
Source: CEN
Response date: 21 Jan 2020
This document provides guidance on managing an information security management system (ISMS) audit programme, on conducting audits, and on the competence of ISMS auditors, in addition to the guidance contained in ISO 19011:2011.

This document is applicable to those needing to understand or conduct internal or external audits of an ISMS or to manage an ISMS audit programme.

This document provides guidance based on ISO/IEC 27002:2013 applied to process control systems used by the energy utility industry for controlling and monitoring the production or generation, transmission, storage and distribution of electric power, gas, oil and heat, and for the control of associated supporting processes. This includes in particular the following:

— central and distributed process control, monitoring and automation technology as well as information systems used for their operation, such as programming and parameterization devices;

— digital controllers and automation components such as control and field devices or Programmable Logic Controllers (PLCs), including digital sensor and actuator elements;

— all further supporting information systems used in the process control domain, e.g. for supplementary data visualization tasks and for controlling, monitoring, data archiving, historian logging, reporting and documentation purposes;

— communication technology used in the process control domain, e.g. networks, telemetry, telecontrol applications and remote control technology;

— Advanced Metering Infrastructure (AMI) components, e.g. smart meters;

— measurement devices, e.g. for emission values;

— digital protection and safety systems, e.g. protection relays, safety PLCs, emergency governor mechanisms;

— energy management systems, e.g. of Distributed Energy Resources (DER), electric charging infrastructures, in private households, residential buildings or industrial customer installations;

— distributed components of smart grid environments, e.g. in energy grids, in private households, residential buildings or industrial customer installations;

— all software, firmware and applications installed on above-mentioned systems, e.g. DMS (Distribution Management System) applications or OMS (Outage Management System);

— any premises housing the above-mentioned equipment and systems;

— remote maintenance systems for above-mentioned systems.

This document does not apply to the process control domain of nuclear facilities. This domain is covered by IEC 62645.

This document also includes a requirement to adapt the risk assessment and treatment processes described in ISO/IEC 27001:2013 to the energy utility industry-sector–specific guidance provided in this document.

Committee designation: SIS/TK 563 (Additive manufacturing)
Source: CEN
Response date: 3 Feb 2020
This document provides the specification for the Additive Manufacturing File Format (AMF), an interchange format to address the current and future needs of additive manufacturing technology.

This document specifies the requirements for the preparation, display and transmission for the AMF. When prepared in a structured electronic format, strict adherence to an extensible markup language (XML)[1] schema supports standards-compliant interoperability.

NOTE A W3C XML schema definition (XSD) for the AMF is available from ISO from http://standards.iso.org/iso/52915 and from ASTM from www.astm.org/MEETINGS/images/amf.xsd. An implementation guide for such an XML schema is provided in Annex A.

It is recognized that there is additional information relevant to the final part that is not covered by the current version of this document. Suggested future features are listed in Annex B.

This document does not specify any explicit mechanisms for ensuring data integrity, electronic signatures and encryptions.

Committee designation: SIS/TK 448 (Technology and support systems for personal identification)
Source: ISO
Response date: 10 Feb 2020
This part of ISO/IEC 19795:

⎯ establishes general principles for testing the performance of biometrics systems in terms of error rates and throughput rates for purposes including measurement of performance, prediction of performance, comparison of performance, and verifying compliance with specified performance requirements;

⎯ specifies performance metrics for biometric systems;

⎯ specifies requirements on the recording of test data and reporting of test results; and

⎯ specifies requirements on test protocols in order to:

  ⎯ reduce bias due to inappropriate data collection or analytic procedures;

  ⎯ help achieve the best estimate of field performance for the expended effort;

  ⎯ improve understanding of the limits of applicability of the test results.

This part of ISO/IEC 19795 is applicable to empirical performance testing of biometric systems and algorithms through analysis of the comparison scores and decisions output by the system, without requiring detailed knowledge of the system’s algorithms or of the underlying distribution of biometric characteristics in the population of interest.

Not within the scope of this part of ISO/IEC 19795 is the measurement of error and throughput rates for people deliberately trying to subvert the intended operation of the biometric system (e.g., by presentation attacks).

Committee designation: SIS/TK 450 (IT standards for learning)
Source: SIS
Response date: 14 Feb 2020
This standard describes the transfer of information between the following processes:

— School administration

— Staff allocation

— Scheduling

The standard also describes the transfer of information from the Scheduling process to various processes that use lesson information.

This standard also covers:

— Description of the meaning of concepts that occur in the standard

— Class diagrams describing the structure of the information

— Conditions for when information is mandatory

— Protocol for data exchange

— Value sets

This standard does not cover:

— How the School administration process receives information from other processes or systems

Committee designation: SIS/TK 334 (Health informatics)
Source: CEN
Response date: 16 Mar 2020
The scope of this project is to define a general object-oriented information model that may be used to structure information and identify services used in point-of-care (POC) medical device communications. The scope is primarily focused on acute care medical devices and the communication of patient vital signs information.