Skip to main content
Tagasi

ISO/IEC 27041:2015

Information technology -- Security techniques -- Guidance on assuring suitability and adequacy of incident investigative method

Üldinfo

Kehtiv alates 19.06.2015
Tegevusala (ICS grupid)
35.030 Infoturve
Direktiivid või määrused
puuduvad

Standardi ajalugu

Staatus
Kuupäev
Tüüp
Nimetus
19.06.2015
Põhitekst
ISO/IEC 27041:2015 provides guidance on mechanisms for ensuring that methods and processes used in the investigation of information security incidents are "fit for purpose". It encapsulates best practice on defining requirements, describing methods, and providing evidence that implementations of methods can be shown to satisfy requirements. It includes consideration of how vendor and third-party testing can be used to assist this assurance process.
This document aims to
?   provide guidance on the capture and analysis of functional and non-functional requirements relating to an Information Security (IS) incident investigation,
?   give guidance on the use of validation as a means of assuring suitability of processes involved in the investigation,
?   provide guidance on assessing the levels of validation required and the evidence required from a validation exercise,
?   give guidance on how external testing and documentation can be incorporated in the validation process.

Nõutud väljad on tähistatud *

*
*
*
PDF
125,87 € koos KM-ga
Paber
125,87 € koos KM-ga
Standardi monitooring

Teised on ostnud veel

Põhitekst

ISO/IEC 27042:2015

Information technology -- Security techniques -- Guidelines for the analysis and interpretation of digital evidence
Uusim versioon Kehtiv alates 19.06.2015
Põhitekst

ISO/IEC 27043:2015

Information technology -- Security techniques -- Incident investigation principles and processes
Uusim versioon Kehtiv alates 04.03.2015
Põhitekst

ISO/IEC 29197:2015

Information technology -- Evaluation methodology for environmental influence in biometric system performance
Uusim versioon Kehtiv alates 17.03.2015
Põhitekst

ISO/IEC 15026-1:2013

Systems and software engineering -- Systems and software assurance -- Part 1: Concepts and vocabulary
Kehtetu alates 08.03.2019