ISO/IEC 27034-7:2018

Information technology — Application security — Part 7: Assurance prediction framework

Standard Details

This document describes the minimum requirements when the required activities specified by an Application Security Control (ASC) are replaced with a Prediction Application Security Rationale (PASR). The ASC mapped to a PASR define the Expected Level of Trust for a subsequent application. In the context of an Expected Level of Trust, there is always an original application where the project team performed the activities of the indicated ASC to achieve an Actual Level of Trust.

The use of Prediction Application Security Rationales (PASRs), defined by this document, is applicable to project teams which have a defined Application Normative Framework (ANF) and an original application with an Actual Level of Trust.

Predictions relative to aggregation of multiple components or the history of the developer in relation to other applications is outside the scope of this document.

General Information

Status : Published

Standard Type: Main

Document No: ISO/IEC 27034-7:2018

Document Year: 2018

Pages: 29

Edition: 1

Section Volume:
ISO/IEC JTC 1/SC 27. IT Security techniques

ICS:
35.030 IT Security *Including encryption

Life Cycle

Currently Viewing

Published

ISO/IEC 27034-7:2018

ISO/IEC 27034-7:2018

Standard Details

General Information

Life Cycle

Add Standards To Trackedge

Enquiry Form