Customer Support: +353 (0)1 857 6730

Corporate Website About Us
  • Shopping Cart
    There are no items in your cart
Please enter a keyword to search
Advanced search
Home
ISO
ISO/IEC 27034-7:2018

ISO/IEC 27034-7:2018

Current

Current

The latest, up-to-date edition.

Information technology — Application security — Part 7: Assurance prediction framework

Available format(s)

Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users

Language(s)

English

Published date

22-05-2018

Publisher

International Organization for Standardization

€144.00
Excluding VAT
EUR
CAD
CHF
CNY
DKK
EUR
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF - English
PDF 3 Users - English
PDF 5 Users - English
PDF 9 Users - English
Hardcopy - English
PDF - English
PDF 3 Users - English
PDF 5 Users - English
PDF 9 Users - English
01
02
03
04
05
06
07
08
09
10

This document describes the minimum requirements when the required activities specified by an Application Security Control (ASC) are replaced with a Prediction Application Security Rationale (PASR). The ASC mapped to a PASR define the Expected Level of Trust for a subsequent application. In the context of an Expected Level of Trust, there is always an original application where the project team performed the activities of the indicated ASC to achieve an Actual Level of Trust.

The use of Prediction Application Security Rationales (PASRs), defined by this document, is applicable to project teams which have a defined Application Normative Framework (ANF) and an original application with an Actual Level of Trust.

Predictions relative to aggregation of multiple components or the history of the developer in relation to other applications is outside the scope of this document.

Committee
ISO/IEC JTC 1/SC 27
DocumentType
Standard
Pages
29
PublisherName
International Organization for Standardization
Status
Current

ISO/IEC/IEEE 29119-1:2013 Software and systems engineering Software testing Part 1: Concepts and definitions
ISO/IEC 27034-1:2011 Information technology — Security techniques — Application security — Part 1: Overview and concepts
ISO/IEC 19770-5:2015 Information technology — IT asset management — Part 5: Overview and vocabulary
ISO/IEC 19770-2:2015 Information technology IT asset management Part 2: Software identification tag
ISO/IEC 20009-1:2013 Information technology — Security techniques — Anonymous entity authentication — Part 1: General
ISO/IEC 90003:2014 Software engineering Guidelines for the application of ISO 9001:2008 to computer software
ISO/IEC 27000:2016 Information technology Security techniques Information security management systems Overview and vocabulary

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Get in touch with us