SRPS ISO/IEC 27034-7:2019

Information technology — Application security — Part 7: Assurance prediction framework

Publication date: Jun 24, 2019

General information

Current stage: 90.93 Effective date: Oct 27, 2023

Next stage: 90.20 Next stage date: Oct 15, 2028

Originator: ISS

Owner: I224

Type: International Standard

ICS: 35.030

Languages: English

Buying

Status: Published

PDF

Paper

PDF and Paper

Online reading for 5 days

Online reading for 30 days

Language

Language in which you want to receive the document.

Scope

This document describes the minimum requirements when the required activities specified by an Application Security Control (ASC) are replaced with a Prediction Application Security Rationale (PASR). The ASC mapped to a PASR define the Expected Level of Trust for a subsequent application. In the context of an Expected Level of Trust, there is always an original application where the project team performed the activities of the indicated ASC to achieve an Actual Level of Trust.
The use of Prediction Application Security Rationales (PASRs), defined by this document, is applicable to project teams which have a defined Application Normative Framework (ANF) and an original application with an Actual Level of Trust.
Predictions relative to aggregation of multiple components or the history of the developer in relation to other applications is outside the scope of this document.

Life cycle

NOW

PUBLISHED
SRPS ISO/IEC 27034-7:2019
90.93 Standard confirmed
Oct 27, 2023

SRPS ISO/IEC 27034-7:2019

Information technology — Application security — Part 7: Assurance prediction framework

General information

Buying

Scope

Life cycle

NOW

Related project

Adopted from ISO/IEC 27034-7:2018