BS ISO/IEC 27034-1:2011
Information technology. Security techniques. Application security. Overview and concepts
Hardcopy , PDF
English
28-02-2014
FOREWORD
INTRODUCTION
1 SCOPE
2 NORMATIVE REFERENCES
3 TERMS AND DEFINITIONS
4 ABBREVIATED TERMS
5 STRUCTURE OF ISO/IEC 27034
6 INTRODUCTION TO APPLICATION SECURITY
7 ISO/IEC 27034 OVERALL PROCESSES
8 CONCEPTS
ANNEX A (INFORMATIVE) - MAPPING AN EXISTING DEVELOPMENT PROCESS TO ISO/IEC 27034 CASE STUDY
ANNEX B (INFORMATIVE) - MAPPING ASC WITH AN EXISTING STANDARD
ANNEX C (INFORMATIVE) - ISO/IEC 27005 RISK MANAGEMENT PROCESS MAPPED WITH THE ASMP
BIBLIOGRAPHY
Specifies guidance to assist organizations in integrating security into the processes used for managing their applications.
Committee | IST/33/4 |
DevelopmentNote | Supersedes 10/30168519 DC. (01/2012) |
DocumentType | Standard |
Pages | 86 |
PublisherName | British Standards Institution |
Status | Current |
Supersedes |
Standards | Relationship |
ISO/IEC 27034-1:2011 | Identical |
17/30351843 DC : 0 | BS 10754-1 - INFORMATION TECHNOLOGY - SOFTWARE TRUSTWORTHINESS - PART 1 - GOVERNANCE AND MANAGEMENT SPECIFICATION |
ISO/IEC 2382-7:2000 | Information technology — Vocabulary — Part 7: Computer programming |
ISO/IEC 27001:2013 | Information technology — Security techniques — Information security management systems — Requirements |
ISO/IEC/IEEE 29148:2011 | Systems and software engineering — Life cycle processes — Requirements engineering |
ISO/IEC 15408-3:2008 | Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components |
ISO/IEC 15289:2006 | Systems and software engineering — Content of systems and software life cycle process information products (Documentation) |
ISO/IEC/IEEE 24765:2017 | Systems and software engineering — Vocabulary |
ISO/IEC 27002:2013 | Information technology — Security techniques — Code of practice for information security controls |
ISO/IEC TR 20000-4:2010 | Information technology — Service management — Part 4: Process reference model |
ISO/IEC 21827:2008 | Information technology — Security techniques — Systems Security Engineering — Capability Maturity Model (SSE-CMM) |
ISO/IEC 15288:2008 | Systems and software engineering — System life cycle processes |
ISO/IEC 18019:2004 | Software and system engineering — Guidelines for the design and preparation of user documentation for application software |
ISO/IEC 27005:2011 | Information technology — Security techniques — Information security risk management |
ISO/IEC 12207:2008 | Systems and software engineering — Software life cycle processes |
ISO 9000:2015 | Quality management systems — Fundamentals and vocabulary |
ISO/IEC 27000:2016 | Information technology — Security techniques — Information security management systems — Overview and vocabulary |