IT security

Subject areas: IT security
Committee designation: SIS/TK 318 (Information security, cybersecurity and privacy protection)
Source: CEN
Response date: 23 Jan 2025

This document provides the minimum requirements for the knowledge, skills and effectiveness of individuals performing testing activities for a conformance scheme using ISO/IEC 19790 and ISO/IEC 24759.

Subject areas: IT security
Committee designation: SIS/TK 318 (Information security, cybersecurity and privacy protection)
Source: CEN
Response date: 27 Jan 2025

The standard contains guidelines for developing and establishing policies and procedures for deletion of PII in organizations by specifying:
— a harmonized terminology for PII deletion;
— an approach for defining deletion rules in an efficient way;
— a description of required documentation; and
— a broad definition of roles, responsibilities and processes.

This document is intended to be used by organizations where PII are stored or processed.

This document does not address:
— specific legal provision, as given by national law or specified in contracts;
— specific deletion rules for particular clusters of PII as are to be defined by PII controllers for processing PII;
— deletion mechanisms;
— reliability, security and suitability of deletion mechanisms;
— specific techniques for de-identification of data.

Subject areas: IT security
Committee designation: SIS/TK 318 (Information security, cybersecurity and privacy protection)
Source: CEN
Response date: 18 Feb 2025

This document provides the specialized requirements to demonstrate the competence of individuals in performing IT product security evaluations and certifications in accordance with the ISO/IEC 15408 series and ISO/IEC 18045.

Subject areas: IT security
Committee designation: SIS/TK 318 (Information security, cybersecurity and privacy protection)
Source: CEN
Response date: 18 Feb 2025

ISO/IEC 29151:2017 establishes control objectives, controls and guidelines for implementing controls, to meet the requirements identified by a risk and impact assessment related to the protection of personally identifiable information (PII). In particular, this Recommendation | International Standard specifies guidelines based on ISO/IEC 27002, taking into consideration the requirements for processing PII that may be applicable within the context of an organization's information security risk environment(s). ISO/IEC 29151:2017 is applicable to all types and sizes of organizations acting as PII controllers (as defined in ISO/IEC 29100), including public and private companies, government entities and not-for-profit organizations that process PII.