Smart City
Smart City
-
Technical committeeTypeAcronymISO/IEC TR 15067-3-2:2016CommitteePublished year2016Description
ISO/IEC TR 15067-3-2:2016(E) This Technical Report is based on work done by the GridWise Architecture Council. It describes a framework for identifying and discussing interoperability issues to facilitate the integration of entities that interact with electric power systems.
Technology -
Technical committeeTypeAcronymISO/IEC TR 15067-2:1997CommitteePublished year1997DescriptionTechnology
-
Technical committeeTypeAcronymISO/IEC TR 15067-2CommitteePublished year1997DescriptionTechnology
-
Technical committeeTypeAcronymISO/IEC 29190CommitteePublished year2015KeywordsDescription
ISO 29190:2015 provides organizations with high-level guidance about how to assess their capability to manage privacy-related processes.
In particular, it- specifies steps in assessing processes to determine privacy capability,
- specifies a set of levels for privacy capability assessment,
- provides guidance on the key process areas against which privacy capability can be assessed,
- provides guidance for those implementing process assessment, and
- provides guidance on how to integrate the privacy capability assessment into organizations operations.
-
Technical committeeTypeAcronymISO/IEC 27037CommitteePublished year2012KeywordsDescription
ISO/IEC 27037:2012 provides guidelines for specific activities in the handling of digital evidence, which are identification, collection, acquisition and preservation of potential digital evidence that can be of evidential value.
It provides guidance to individuals with respect to common situations encountered throughout the digital evidence handling process and assists organizations in their disciplinary procedures and in facilitating the exchange of potential digital evidence between jurisdictions.
ISO/IEC 27037:2012 gives guidance for the following devices and circumstances:
- Digital storage media used in standard computers like hard drives, floppy disks, optical and magneto optical disks, data devices with similar functions,
- Mobile phones, Personal Digital Assistants (PDAs), Personal Electronic Devices (PEDs), memory cards,
- Mobile navigation systems,
- Digital still and video cameras (including CCTV),
- Standard computer with network connections,
- Networks based on TCP/IP and other digital protocols, and
- Devices with similar functions as above.
The above list of devices is an indicative list and not exhaustive. -
Technical committeeTypeAcronymISO/IEC 27036-3CommitteePublished year2013KeywordsDescription
ISO/IEC 27036-3:2013 provides product and service acquirers and suppliers in the information and communication technology (ICT) supply chain with guidance on: 1) gaining visibility into and managing the information security risks caused by physically dispersed and multi-layered ICT supply chains; 2) responding to risks stemming from the global ICT supply chain to ICT products and services that can have an information security impact on the organizations using these products and services. These risks can be related to organizational as well as technical aspects (e.g. insertion of malicious code or presence of the counterfeit information technology (IT) products); 3) integrating information security processes and practices into the system and software lifecycle processes, described in ISO/IEC 15288 and ISO/IEC 12207, while supporting information security controls, described in ISO/IEC 27002. ISO/IEC 27036-3:2013 does not include business continuity management/resiliency issues involved with the ICT supply chain. ISO/IEC 27031 addresses business continuity.
-
Technical committeeTypeAcronymISO/IEC 27035CommitteePublished year2011KeywordsDescription
ISO/IEC 27035-1:2016 is the foundation of this multipart International Standard. It presents basic concepts and phases of information security incident management and combines these concepts with principles in a structured approach to detecting, reporting, assessing, and responding to incidents, and applying lessons learnt.
The principles given in ISO/IEC 27035-1:2016 are generic and intended to be applicable to all organizations, regardless of type, size or nature. Organizations can adjust the guidance given in ISO/IEC 27035-1:2016 according to their type, size and nature of business in relation to the information security risk situation. It is also applicable to external organizations providing information security incident management services. -
Technical committeeTypeAcronymISO/IEC 27034-1CommitteePublished year2011KeywordsDescription
ISO/IEC 27034 provides guidance to assist organizations in integrating security into the processes used for managing their applications.
ISO/IEC 27034-1:2011 presents an overview of application security. It introduces definitions, concepts, principles and processes involved in application security.
ISO/IEC 27034 is applicable to in-house developed applications, applications acquired from third parties, and where the development or the operation of the application is outsourced.
-
Technical committeeTypeAcronymISO/IEC 27033-5CommitteePublished year2013KeywordsDescription
ISO/IEC 27033-5:2013 gives guidelines for the selection, implementation, and monitoring of the technical controls necessary to provide network security using Virtual Private Network (VPN) connections to interconnect networks and connect remote users to networks.
-
Technical committeeTypeAcronymISO/IEC 27033-3CommitteePublished year2010KeywordsDescription
ISO/IEC 27033-3:2010 describes the threats, design techniques and control issues associated with reference network scenarios. For each scenario, it provides detailed guidance on the security threats and the security design techniques and controls required to mitigate the associated risks. Where relevant, it includes references to ISO/IEC 27033-4 to ISO/IEC 27033-6 to avoid duplicating the content of those documents.
The information in ISO/IEC 27033-3:2010 is for use when reviewing technical security architecture/design options and when selecting and documenting the preferred technical security architecture/design and related security controls, in accordance with ISO/IEC 27033-2. The particular information selected (together with information selected from ISO/IEC 27033-4 to ISO/IEC 27033-6) will depend on the characteristics of the network environment under review, i.e. the particular network scenario(s) and ‘technology' topic(s) concerned.
Overall, ISO/IEC 27033-3:2010 will aid considerably the comprehensive definition and implementation of security for any organization's network environment.