ISO/IEC 27554

ISO/IEC 27554 — Information technology — Security techniques — Application of ISO 31000 for assessment of identity management-related risk [Draft]

Introduction

To facilitate the application of ISO 31000 risk management guidelines to identity management, this standard will outline the associated risks.

To evaluate identity management-related risks through the ISO 31000 process, scenarios will be developed for processes and implementations as part of the risk assessment.

The scope of the standard

In particular, the standard applies to the assessment of risks associated with services and processes dependent upon or related to the management of identities. The risk assessment will exclude risks associated with delivery, technology, or security generally. Other standards that concern the control of identity information will be used alongside this standard.

By providing a standardized definition, context and impact of identity-related risks, the standard fills gaps in other standards.

The content

To be determined.

Status

The project began in 2018.

The standard should be published by the end of 2023.

A skeletal outline was included in the first Working Draft.

Commentary

To be determined.
