Customer Support: +353 (0)1 857 6730

Corporate Website About Us
  • Shopping Cart
    There are no items in your cart
Please enter a keyword to search
Advanced search
Home
ISO
ISO/IEC TR 19791:2010

ISO/IEC TR 19791:2010

Current

Current

The latest, up-to-date edition.

Information technology — Security techniques — Security assessment of operational systems

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

22-03-2010

Publisher

International Organization for Standardization

€213.00
Excluding VAT

ISO/IEC TR 19791:2010 provides guidance and criteria for the security evaluation of operational systems. It provides an extension to the scope of ISO/IEC 15408 by taking into account a number of critical aspects of operational systems not addressed in ISO/IEC 15408 evaluation. The principal extensions that are required address evaluation of the operational environment surrounding the target of evaluation, and the decomposition of complex operational systems into security domains that can be separately evaluated.

ISO/IEC TR 19791:2010 provides:

  1. a definition and model for operational systems;
  2. a description of the extensions to ISO/IEC 15408 evaluation concepts needed to evaluate such operational systems;
  3. a methodology and process for performing the security evaluation of operational systems;
  4. additional security evaluation criteria to address those aspects of operational systems not covered by the ISO/IEC 15408 evaluation criteria.

ISO/IEC TR 19791:2010 permits the incorporation of security products evaluated against ISO/IEC 15408 into operational systems evaluated as a whole using ISO/IEC TR 19791:2010.

ISO/IEC TR 19791:2010 is limited to the security evaluation of operational systems and does not consider other forms of system assessment. It does not define techniques for the identification, assessment and acceptance of operational risk.

Committee
ISO/IEC JTC 1/SC 27
DocumentType
Standard
Pages
235
PublisherName
International Organization for Standardization
Status
Current
Supersedes

18/30361485 DC : 0 BS ISO/IEC 19896-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - COMPETENCE REQUIREMENTS FOR INFORMATION SECURITY TESTERS AND EVALUATORS - PART 3: KNOWLEDGE, SKILLS AND EFFECTIVENESS REQUIREMENTS FOR ISO/IEC 15408 EVALUATORS
12/30204847 DC : 0 BS ISO/IEC 29147 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VULNERABILITY DISCLOSURE
PD ISO/IEC TR 15443-1:2012 Information technology. Security techniques. Security assurance framework Introduction and concepts
PD ISO/IEC/TR 15026-1:2010 Systems and software engineering. Systems and software assurance Concepts and vocabulary
BS EN 61508-1:2010 Functional safety of electrical/electronic/ programmable electronic safety-related systems General requirements
BS ISO/IEC 15408-1:2009 Information technology. Security techniques. Evaluation criteria for IT Security Part 1: Introduction and general model
11/30168516 DC : 0 BS ISO/IEC 27032 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR CYBERSECURITY
08/30133461 DC : 0 ISO/IEC 27003 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION GUIDANCE
CEI EN 61508-1 : 2011 FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS - PART 1: GENERAL REQUIREMENTS
INCITS/ISO/IEC 15408-1 : 2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL
BS ISO/IEC 29147:2014 Information technology. Security techniques. Vulnerability disclosure
ISO/IEC TR 15026-1:2010 Systems and software engineering — Systems and software assurance — Part 1: Concepts and vocabulary
08/30193508 DC : DRAFT NOV 2008 BS EN 61508-1 - FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS - PART 1: GENERAL REQUIREMENTS
EN 50657:2017 Railways Applications - Rolling stock applications - Software on Board Rolling Stock
BS EN 50657:2017 Railways Applications. Rolling stock applications. Software on Board Rolling Stock
BS ISO/IEC 27032:2012 Information technology. Security techniques. Guidelines for cybersecurity
ISO/IEC 15026-1:2013 Systems and software engineering — Systems and software assurance — Part 1: Concepts and vocabulary
ISO/IEC TR 15443-3:2007 Information technology — Security techniques — A framework for IT security assurance — Part 3: Analysis of assurance methods
ISO/IEC 20248:2018 Information technology — Automatic identification and data capture techniques — Data structures — Digital signature meta structure
ISO/IEC TR 15443-1:2012 Information technology — Security techniques — Security assurance framework — Part 1: Introduction and concepts
ISO/IEC 27032:2012 Information technology — Security techniques — Guidelines for cybersecurity
BS ISO/IEC 15026-1:2013 Systems and software engineering. Systems and software assurance Concepts and vocabulary
13/30268559 DC : 0 BS ISO/IEC 15026-1 - SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY
I.S. EN 61508-1:2010 FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS - PART 1: GENERAL REQUIREMENTS
ETSI GS ISI 001-2 V1.1.2 (2015-06) Information Security Indicators (ISI); Indicators (INC); Part 2: Guide to select operational indicators based on the full set given in part 1
ISO/IEC 29147:2014 Information technology — Security techniques — Vulnerability disclosure
IEC 61508-1:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements (see Functional Safety and IEC 61508)
PD ISO/IEC TR 15443-3:2007 Information technology. Security techniques. A framework for IT security assurance Analysis of assurance methods
I.S. EN 50657:2017 RAILWAYS APPLICATIONS - ROLLING STOCK APPLICATIONS - SOFTWARE ON BOARD ROLLING STOCK
ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
IEEE/ISO/IEC 15026-1-2014 IEEE Standard Adoption of ISO/IEC 15026-1--Systems and Software Engineering--Systems and Software Assurance--Part 1: Concepts and Vocabulary
EN 61508-1:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements
UNE-EN 61508-1:2011 Functional safety of electrical/electronic/programmable electronic safety-related systems -- Part 1: General requirements

ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
ISO/IEC 27002:2013 Information technology — Security techniques — Code of practice for information security controls
ISO/IEC 21827:2008 Information technology — Security techniques — Systems Security Engineering — Capability Maturity Model® (SSE-CMM®)
ISO/IEC 27005:2011 Information technology — Security techniques — Information security risk management
ISO/IEC TR 15446:2017 Information technology — Security techniques — Guidance for the production of protection profiles and security targets
ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
ISO/IEC 18045:2008 Information technology — Security techniques — Methodology for IT security evaluation
ISO Guide 73:2009 Risk management — Vocabulary

Summarise
ChatGPT Perplexity

Access your standards online with a subscription

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.

Get in touch with us

€213.00
Excluding VAT
EUR
AUD
CAD
CHF
CNY
DKK
GBP
HKD
IDR
INR
JPY
KRW
MXN
NOK
NZD
SEK
SGD
USD
ZAR
Hardcopy - English
PDF - English
Hardcopy - English
PDF - English
01
02
03
04
05
06
07
08
09
10