Phone: (011) 7541-421, 3409-301, 3409-335, 6547-293, 3409-310
E-mail: Standards sales: prodaja@iss.rs Education: iss-edukacija@iss.rs Information about standards: infocentar@iss.rs
Stevana Brakusa 2, 11030 Beograd
Main menu

ISO/IEC TR 19791:2010

Information technology — Security techniques — Security assessment of operational systems

Mar 22, 2010

General information

90.93     Sep 16, 2015

ISO/IEC

ISO/IEC JTC 1/SC 27

Technical Report

35.030  

English  

Buying

Published

Language in which you want to receive the document.

Scope

ISO/IEC TR 19791:2010 provides guidance and criteria for the security evaluation of operational systems. It provides an extension to the scope of ISO/IEC 15408 by taking into account a number of critical aspects of operational systems not addressed in ISO/IEC 15408 evaluation. The principal extensions that are required address evaluation of the operational environment surrounding the target of evaluation, and the decomposition of complex operational systems into security domains that can be separately evaluated.
ISO/IEC TR 19791:2010 provides:

a definition and model for operational systems;
a description of the extensions to ISO/IEC 15408 evaluation concepts needed to evaluate such operational systems;
a methodology and process for performing the security evaluation of operational systems;
additional security evaluation criteria to address those aspects of operational systems not covered by the ISO/IEC 15408 evaluation criteria.

ISO/IEC TR 19791:2010 permits the incorporation of security products evaluated against ISO/IEC 15408 into operational systems evaluated as a whole using ISO/IEC TR 19791:2010.
ISO/IEC TR 19791:2010 is limited to the security evaluation of operational systems and does not consider other forms of system assessment. It does not define techniques for the identification, assessment and acceptance of operational risk.

Life cycle

PREVIOUSLY

WITHDRAWN
ISO/IEC TR 19791:2006

NOW

PUBLISHED
ISO/IEC TR 19791:2010
90.93 Standard confirmed
Sep 16, 2015

REVISED BY

ABANDON
ISO/IEC NP TR 19791

National adoptions

Information technology — Security techniques — Security assessment of operational systems

90.93 Standard confirmed

I224 more