ISO/IEC TS 24462:2024

Information security, cybersecurity and privacy protection — Ontology building blocks for security and risk assessment ISO/IEC TS 24462:2024

Publication date:   Mar 5, 2024

General information

60.60 Standard published   Mar 5, 2024

ISO/IEC

ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

Technical Specification

35.030   IT Security

Buying

Published

Language in which you want to receive the document.

Scope

This document defines an inventory of building blocks conceptually associated with different types of assessments of information and communication technology (ICT) trustworthiness. These assessments apply to areas such as governance, risk management, security evaluation, secure development lifecycle (SDL), supply chain integrity and privacy. This document also defines an ontology that organizes these building blocks and provides instructions for using the inventory of building blocks and the ontology.
Formalizing the types, categories, and structural characteristics of building blocks in the area of ICT trustworthiness assessment aims to increase efficiency and improve future harmonization in standards development and their use. Building blocks can refer to structural components as well as semantic components. These components can be connected to a variety of concepts and activities related to trustworthiness assessments, including process related, such as traceability or elements of assessment methodologies.

Life cycle

NOW

PUBLISHED
ISO/IEC TS 24462:2024
60.60 Standard published
Mar 5, 2024