ISO JTC 1/SC 27
Working area of SC 27 in ISO/IEC
is the creation of standards for general methods and techniques in the area of information security.
The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) created the Joint Committee JTC 1 for cooperation in the area of information technology. Working drafts of international standards are sent out to the participating national standardization bodies. The publication as ISO/IEC-Standard or International Standard (IS) requires a quorum of 75%.
Structure and working groups
The international secretariat of ISO/IEC JTC 1/SC 27 is at the Deutsches Institut für Normung (DIN) in Germany.
|ISO/IEC JTC 1/SC 27||IT-Security Techniques||DIN|
|ISO/IEC JTC 1/SC 27/WG 1||Information Security Management Systems||BSI|
|ISO/IEC JTC 1/SC 27/WG 2||Cryptography and security mechanisms||JISC|
|ISO/IEC JTC 1/SC 27/WG 3||Security evaluation criteria||SIS|
|ISO/IEC JTC 1/SC 27/WG 4||Security controls and services||SPRING (Singapore)|
|ISO/IEC JTC 1/SC 27/WG 5||Identity management and privacy technologies||DIN|
A complete overview of the standards that it maintains is contained in Standing Document No 7 - SC27 Projects & Standards (SD7).
SC 27 WG1 Information Security Management Systems
Work group 1 is editing the ISO/IEC 2700x series that related to ISMS, Information security controls and Information security risk management.
SC 27 WG3 Security evaluation criteria
Work group 3 maintains the three parts of ISO/IEC 15408 for Common Criteria.
SC 27 WG5 Identity management and privacy technologies
The effort of work group 5 goes into documents such as
- A framework for identity management (24760)
- A framework for access management (29146)
- Privacy Framework (29100)
- Privacy Reference Architecture (29101)
- Privacy Capability Assessment Model (29190)
- Entity Authentication Assurance Framework (29115)
References↑Jump back a section
↑Jump back a section
Read in another language
This page is available in 1 language