ISO/IEC JTC 1/SC 27 Information Security, Cybersecurity and Privacy Protection
ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in the development of international standards through technical committees established by the respective organization to deal with particular fields of technical activity.
ISO and IEC technical committees collaborate in fields of mutual interest. Other international organizations, government and non-governmental, in liaison with ISO and IEC, also take part in the work.
In the field of information technology, ISO and IEC have established a Joint Technical Committee 1: ISO/IEC JTC 1. Draft international standards adopted by the joint technical committees are circulated to the national bodies for voting. Publication as an international standard requires approval by at least 75 percent of the national bodies casting a vote.
If you want further information, or want to participate, please contact your National Body of ISO/IEC JTC 1/SC 27 for further information.
Scope of SC 27
The development of standards for the protection of information and ICT. This includes generic methods, techniques and guidelines to address both security and privacy aspects, such as:
- Security requirements capture methodology;
- Management of information and ICT security; in particular information security management systems (ISMS), security processes, security controls and services;
- Cryptographic and other security mechanisms, including but not limited to mechanisms for protecting the accountability, availability, integrity and confidentiality of information;
- Security management support documentation including terminology, guidelines as well as procedures for the registration of security components;
- Security aspects of identity management, biometrics and privacy;
- Conformance assessment, accreditation and auditing requirements in the area of information security;
- Security evaluation criteria and methodology.
SC 27 engages in active liaison and collaboration with appropriate bodies to ensure the proper development and application of SC 27 standards and technical reports in relevant areas.
|SC27 Welcome Package|
|SC27 Corporate Presentation|
|SC27 Business Plan|
|SC27 SD11 Overview of Work of SC27|
|SC27 SD12 Assessment of Cryptographic Techniques and Key Lengths|