BS ISO/IEC 27034-1:2011
Current
The latest, up-to-date edition.
Information technology. Security techniques. Application security Overview and concepts
Hardcopy , PDF
English
28-02-2014
FOREWORD
INTRODUCTION
1 SCOPE
2 NORMATIVE REFERENCES
3 TERMS AND DEFINITIONS
4 ABBREVIATED TERMS
5 STRUCTURE OF ISO/IEC 27034
6 INTRODUCTION TO APPLICATION SECURITY
7 ISO/IEC 27034 OVERALL PROCESSES
8 CONCEPTS
ANNEX A (INFORMATIVE) - MAPPING AN EXISTING DEVELOPMENT
PROCESS TO ISO/IEC 27034 CASE STUDY
ANNEX B (INFORMATIVE) - MAPPING ASC WITH AN EXISTING
STANDARD
ANNEX C (INFORMATIVE) - ISO/IEC 27005 RISK MANAGEMENT
PROCESS MAPPED WITH THE ASMP
BIBLIOGRAPHY
Specifies guidance to assist organizations in integrating security into the processes used for managing their applications.
Committee |
IST/33/4
|
DevelopmentNote |
Supersedes 10/30168519 DC. (01/2012)
|
DocumentType |
Standard
|
Pages |
86
|
PublisherName |
British Standards Institution
|
Status |
Current
|
Supersedes |
Standards | Relationship |
ISO/IEC 27034-1:2011 | Identical |
17/30351843 DC : 0 | BS 10754-1 - INFORMATION TECHNOLOGY - SOFTWARE TRUSTWORTHINESS - PART 1 - GOVERNANCE AND MANAGEMENT SPECIFICATION |
ISO/IEC 2382-7:2000 | Information technology Vocabulary Part 7: Computer programming |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
ISO/IEC/IEEE 29148:2011 | Systems and software engineering Life cycle processes Requirements engineering |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
ISO/IEC 15289:2006 | Systems and software engineering Content of systems and software life cycle process information products (Documentation) |
ISO/IEC/IEEE 24765:2017 | Systems and software engineering — Vocabulary |
ISO/IEC 27002:2013 | Information technology Security techniques Code of practice for information security controls |
ISO/IEC TR 20000-4:2010 | Information technology Service management Part 4: Process reference model |
ISO/IEC 21827:2008 | Information technology — Security techniques — Systems Security Engineering — Capability Maturity Model® (SSE-CMM®) |
ISO/IEC 15288:2008 | Systems and software engineering — System life cycle processes |
ISO/IEC 18019:2004 | Software and system engineering Guidelines for the design and preparation of user documentation for application software |
ISO/IEC 27005:2011 | Information technology Security techniques Information security risk management |
ISO/IEC 12207:2008 | Systems and software engineering — Software life cycle processes |
ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
ISO/IEC 27000:2016 | Information technology Security techniques Information security management systems Overview and vocabulary |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.