ISO/IEC 18045

ISO/IEC 18045 – Information technology -- Security techniques -- Methodology for IT security evaluation

Published under Risk Management
Title: ISO/IEC 18045:2005 - Information technology -- Security techniques -- Methodology for IT security evaluation
Source reference: http://isotc.iso.org/livelink
Topic: Standard containing auditing guidelines for assessment of compliance with ISO/IEC 15408 (Information technology -- Security techniques -- Evaluation criteria for IT security)
Direct / indirect relevance Indirect. The text is a meta-norm providing guidelines for compliance evaluation based on the criteria of another standard; not for RM/RA as such.
Scope: Publicly available ISO standard, to be followed when evaluating compliance with ISO/IEC 15408 (Information technology --Security techniques -- Evaluation criteria for IT security)
Legal force: Nonbinding ISO standard.
Affected sectors: Generic. The standard can be followed by any auditor involved in evaluating compliance with ISO/IEC 15408 (Information technology --Security techniques -- Evaluation criteria for IT security).
Relevant provision(s): ISO/IEC 18045:2005 is a companion document to ISO/IEC 15408, Information technology --Security techniques -- Evaluation criteria for IT security. ISO/IEC 18045 specifies the minimum actions to be performed by an evaluator in order to conduct an ISO/IEC 15408 evaluation, using the criteria and evaluation evidence defined in ISO/IEC 15408.

(source: http://iso.nocrew.org/)
Relevance to RM/RA: The standard is a ‘companion document’, which is thus primarily of used for security professionals involved in evaluating compliance with ISO/IEC 15408 (Information technology --Security techniques -- Evaluation criteria for IT security). Since it describes minimum actions to be performed by such auditors, compliance with ISO/IEC 15408 is impossible if ISO/IEC 18045 has been disregarded.

 

We use cookies to ensure we give you the best browsing experience on our website. Find out more on how we use cookies and how you can change your settings.

Ok, I understand No, tell me more