Customer Support: 131 242

  • Shopping Cart
    There are no items in your cart
We noticed you’re not on the correct regional site. Switch to our AMERICAS site for the best experience.
Dismiss alert

ISO/IEC TR 19791:2010

Current

Current

The latest, up-to-date edition.

Information technology Security techniques Security assessment of operational systems

Available format(s)

Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users

Language(s)

English

Published date

22-03-2010

$407.06
Including GST where applicable

ISO/IEC TR 19791:2010 provides guidance and criteria for the security evaluation of operational systems. It provides an extension to the scope of ISO/IEC 15408 by taking into account a number of critical aspects of operational systems not addressed in ISO/IEC 15408 evaluation. The principal extensions that are required address evaluation of the operational environment surrounding the target of evaluation, and the decomposition of complex operational systems into security domains that can be separately evaluated.

ISO/IEC TR 19791:2010 provides:

  1. a definition and model for operational systems;
  2. a description of the extensions to ISO/IEC 15408 evaluation concepts needed to evaluate such operational systems;
  3. a methodology and process for performing the security evaluation of operational systems;
  4. additional security evaluation criteria to address those aspects of operational systems not covered by the ISO/IEC 15408 evaluation criteria.

ISO/IEC TR 19791:2010 permits the incorporation of security products evaluated against ISO/IEC 15408 into operational systems evaluated as a whole using ISO/IEC TR 19791:2010.

ISO/IEC TR 19791:2010 is limited to the security evaluation of operational systems and does not consider other forms of system assessment. It does not define techniques for the identification, assessment and acceptance of operational risk.

DocumentType
Standard
Pages
235
PublisherName
International Organization for Standardization
Status
Current
Supersedes

18/30361485 DC : 0 BS ISO/IEC 19896-3 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - COMPETENCE REQUIREMENTS FOR INFORMATION SECURITY TESTERS AND EVALUATORS - PART 3: KNOWLEDGE, SKILLS AND EFFECTIVENESS REQUIREMENTS FOR ISO/IEC 15408 EVALUATORS
12/30204847 DC : 0 BS ISO/IEC 29147 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VULNERABILITY DISCLOSURE
CSA TELECOM ORGANIZATIONS PACKAGE : 2018 CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR
PD ISO/IEC TR 15443-1:2012 Information technology. Security techniques. Security assurance framework Introduction and concepts
PD ISO/IEC/TR 15026-1:2010 Systems and software engineering. Systems and software assurance Concepts and vocabulary
UNE-EN 61508-1:2011 Functional safety of electrical/electronic/programmable electronic safety-related systems -- Part 1: General requirements
BS EN 61508-1:2010 Functional safety of electrical/electronic/ programmable electronic safety-related systems General requirements
BS ISO/IEC 15408-1:2009 Information technology. Security techniques. Evaluation criteria for IT Security Part 1: Introduction and general model
11/30168516 DC : 0 BS ISO/IEC 27032 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - GUIDELINES FOR CYBERSECURITY
08/30133461 DC : 0 ISO/IEC 27003 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION GUIDANCE
CEI EN 61508-1 : 2011 FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS - PART 1: GENERAL REQUIREMENTS
CSA ISO/IEC 15408-1 : 2010 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL
INCITS/ISO/IEC 15408-1 : 2012 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL
BS ISO/IEC 29147:2014 Information technology. Security techniques. Vulnerability disclosure
CSA ISO/IEC TR 15026-1 : 2013 SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY
ISO/IEC TR 15026-1:2010 Systems and software engineering Systems and software assurance Part 1: Concepts and vocabulary
CSA ISO/IEC 15026-1 : 2015 SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY
08/30193508 DC : DRAFT NOV 2008 BS EN 61508-1 - FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS - PART 1: GENERAL REQUIREMENTS
EN 50657:2017 Railways Applications - Rolling stock applications - Software on Board Rolling Stock
BS EN 50657:2017 Railways Applications. Rolling stock applications. Software on Board Rolling Stock
BS ISO/IEC 27032:2012 Information technology. Security techniques. Guidelines for cybersecurity
ISO/IEC 15026-1:2013 Systems and software engineering Systems and software assurance Part 1: Concepts and vocabulary
ISO/IEC TR 15443-3:2007 Information technology Security techniques A framework for IT security assurance Part 3: Analysis of assurance methods
ISO/IEC 20248:2018 Information technology Automatic identification and data capture techniques Data structures Digital signature meta structure
ISO/IEC TR 15443-1:2012 Information technology Security techniques Security assurance framework Part 1: Introduction and concepts
ISO/IEC 27032:2012 Information technology — Security techniques — Guidelines for cybersecurity
CSA INFORMATION SECURITY PACKAGE : 2018 CONSISTS OF CAN/CSA-ISO/IEC 27000:18 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - OVERVIEW AND VOCABULARY; CAN/CSA-ISO/IEC 27001:14, INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEMS - REQUIREMENTS; CAN/CSA-ISO/IEC 27002:15 - INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - CODE OF PRACTICE FOR INFORMATION
BS ISO/IEC 15026-1:2013 Systems and software engineering. Systems and software assurance Concepts and vocabulary
13/30268559 DC : 0 BS ISO/IEC 15026-1 - SYSTEMS AND SOFTWARE ENGINEERING - SYSTEMS AND SOFTWARE ASSURANCE - PART 1: CONCEPTS AND VOCABULARY
CSA ISO/IEC 15408-1 : 2010 : R2015 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - EVALUATION CRITERIA FOR IT SECURITY - PART 1: INTRODUCTION AND GENERAL MODEL
I.S. EN 61508-1:2010 FUNCTIONAL SAFETY OF ELECTRICAL/ELECTRONIC/PROGRAMMABLE ELECTRONIC SAFETY-RELATED SYSTEMS - PART 1: GENERAL REQUIREMENTS
GS ISI 001-2 : 1.1.2 INFORMATION SECURITY INDICATORS (ISI); INDICATORS (INC); PART 2: GUIDE TO SELECT OPERATIONAL INDICATORS BASED ON THE FULL SET GIVEN IN PART 1
CSA ISO/IEC TR 15443-1 : 2015 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - SECURITY ASSURANCE FRAMEWORK - PART 1: INTRODUCTION AND CONCEPTS
ISO/IEC 29147:2014 Information technology Security techniques Vulnerability disclosure
IEC 61508-1:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements (see Functional Safety and IEC 61508)
PD ISO/IEC TR 15443-3:2007 Information technology. Security techniques. A framework for IT security assurance Analysis of assurance methods
I.S. EN 50657:2017 RAILWAYS APPLICATIONS - ROLLING STOCK APPLICATIONS - SOFTWARE ON BOARD ROLLING STOCK
CAN/CSA-C22.2 NO. 61508-1:17 Functional safety of electrical/electronic/programmable electronic safety-related systems — Part 1: General requirements (Adopted IEC 61508-1:2010, second edition, 2010-04, with Canadian deviations) | Sécurité fonctionnelle des systèmes électriques/électroniques/électroniques programmables relatifs à la sécurité — Partie 1 : Exigences générales (norme IEC 61508-1:2010 adoptée, deuxième édition, 2010-04, avec exigences propres au Canada)
ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
IEEE/ISO/IEC 15026-1-2014 IEEE Standard Adoption of ISO/IEC 15026-1--Systems and Software Engineering--Systems and Software Assurance--Part 1: Concepts and Vocabulary
EN 61508-1:2010 Functional safety of electrical/electronic/programmable electronic safety-related systems - Part 1: General requirements
CSA ISO/IEC 27003 : 2010 : R2015 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION GUIDANCE
CSA ISO/IEC 27003 : 2010 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - INFORMATION SECURITY MANAGEMENT SYSTEM IMPLEMENTATION GUIDANCE

ISO/IEC 15408-2:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 2: Security functional components
ISO/IEC 15408-3:2008 Information technology — Security techniques — Evaluation criteria for IT security — Part 3: Security assurance components
ISO/IEC 27002:2013 Information technology Security techniques Code of practice for information security controls
ISO/IEC 21827:2008 Information technology Security techniques Systems Security Engineering Capability Maturity Model (SSE-CMM)
ISO/IEC 27005:2011 Information technology Security techniques Information security risk management
ISO/IEC TR 15446:2017 Information technology Security techniques Guidance for the production of protection profiles and security targets
ISO/IEC 15408-1:2009 Information technology — Security techniques — Evaluation criteria for IT security — Part 1: Introduction and general model
ISO/IEC 18045:2008 Information technology — Security techniques — Methodology for IT security evaluation
ISO Guide 73:2009 Risk management — Vocabulary

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.