ISO security management standards
Monika Oit, Cybernetica
Estonian representative in ISO/IEC JTC1 SC27 (has participated mainly in the work of WG1)


ISO/IEC JTC1 ISO & IEC Joint Technical Committee on IT standardization (EU: CEN/CENELEC)

JTC1 subcommittees:
JTC 1/SC 2 Coded character sets
JTC 1/SC 6 Telecommunications and information exchange between systems
JTC 1/SC 7 Software and system engineering
JTC 1/SC 17 Cards and personal identification
JTC 1/SC 22 Programming languages, their environments and system software interfaces
JTC 1/SC 23 Digital storage media for information interchange
JTC 1/SC 24 Computer graphics, image processing and environmental data representation
JTC 1/SC 25 Interconnection of information technology equipment

JTC1 subcommittees:
JTC 1/SC 27 IT Security techniques
JTC 1/SC 28 Office equipment
JTC 1/SC 29 Coding of audio, picture, multimedia and hypermedia information
JTC 1/SC 31 Automatic identification and data capture techniques
JTC 1/SC 32 Data management and interchange
JTC 1/SC 34 Document description and processing languages
JTC 1/SC 35 User interfaces
JTC 1/SC 36 Information technology for learning, education and training
JTC 1/SC 37 Biometrics

SC27 IT Security techniques
Secretariat: DIN
Secretary: Ms. Krystyna Passia
Chair: Dr. Marijke De Soete (Germany)
Number of published ISO standards under the direct responsibility of the JTC 1/SC 27 Secretariat: 59
Participating countries: 31
Observer countries: 11

SC27 working groups:
JTC 1/SC 27/WG 1 Requirements, security services and guidelines (BSI - UK)
JTC 1/SC 27/WG 2 Security techniques and mechanisms (IBN - Belgium)
JTC 1/SC 27/WG 3 Security evaluation criteria (SIS - Sweden)

Security management: previously there was ISO/IEC GMITS, Guidelines for the Management of IT Security:
Part 1: Concepts and Models for IT Security
Part 2: Managing and Planning IT Security
Part 3: Techniques for the Management of IT Security
Part 4: Selection of Safeguards
Part 5: Management Guidance on Network Security
All of these are also EVS standards and are available in Estonian. “Infoturbe baaskursus”

Definitions
3.10 information security: all aspects related to defining, achieving and maintaining confidentiality, integrity, availability, accountability, authenticity and reliability.

Security model

Relationships in Risk Management

Information security management as a process

Then came BS 7799…
ISO/IEC 17799:2000 Code of Practice for Information Security Management
Decision: THERE WILL BE NO CERTIFICATION SCHEME
New 13335: Management of Information and Communication Technology Security
Part 1: Concepts and models for information and communication technology security management
Part 2: Techniques for the information security risk management
ISO/IEC 17799:2005 – substantially revised
FCD ISMS Specification -

Information Security Road Map

Terminology
SD6 Glossary of IT Security terminology
ISO Guide 73
Needed: Definitions of terms in ISM

Principles
None

Framework
*…
Needed: Information Security Management Framework

Element Standards ISMS requirements *

Application Guides
None exist, but the following are used…
ISO Auditing
Financial ISMS Guide (TC68, ISO 13569)
Telecom ISMS Guide (ITU)
Health Care ISMS Guide (?)

Toolboxes and Techniques
ISO/IEC IT Intrusion Detection Framework
ISO/IEC IT Network Security
ISO/IEC Information Security Incident Management
ISO/IEC TR Guidelines on the use and management of trusted Third Party services
ISO/IEC Systems Security Engineering – Capability Maturity Model (SSE-CMM)…

New initiative: ISO/IEC – framework ( * ??) Information Security Management Systems – Requirements ( ??) – “Best Practice” (17799:2005…??) – ISMS implementation Guidance – , *…??) – Security Risk Management ( *)
To be clarified in November 2005!