60.60 Standard published Dec 6, 2023
CEN/CENELEC
CEN/CLC/JTC 13 Cybersecurity and Data Protection
European Norm
35.030 IT Security
Published
The ISO/IEC 15408 series permits comparability between the results of independent security evaluations. The ISO/IEC 15408 series does so by providing a common set of requirements for the security functionality of IT products and for assurance measures applied to these IT products during a security evaluation. ISO/IEC 18045 provides a companion methodology for some of the assurance requirements specified in the ISO/IEC 15408 series, ISO/IEC 15408-1 and ISO/IEC 18045 also allow that more specific Evaluation Activities (EAs) may be derived for use in particular evaluation contexts. Specification of such Evaluation Activities is already occurring amongst practitioners and this creates a need for a specification for defining such Evaluation Activities.
This document, ISO/IEC 15408-4, provides a standardised framework for specifying objective, repeatable and reproducible Evaluation Methods (EMs), and Evaluation Activities.
PUBLISHED
EN ISO/IEC 15408-4:2023
60.60
Standard published
Dec 6, 2023
IN_DEVELOPMENT
prEN ISO/IEC 15408-4