ISO 6114:2023
ISO 6114:2023 Cybersecurity – Security considerations throughout the product life cycle
CDN $312.00
Description
This document describes security considerations throughout the product life cycle (SCLC), which is a framework that spans the entire information and communications technology (ICT) product life cycle. The aim of the framework is to align the industry and bring greater transparency to customers at every point on the ICT product life cycle.
This document describes the following items for suppliers, end users (consumers), intermediaries of the ICT supply chain, service providers, and regulators:
–    definition of phases in the ICT product life cycle from concept to retirement;
–    threat vectors possible in each phase of the life cycle;
–    potential controls against those threat vectors.
The target audiences of this document are suppliers and consumers of ICT products, including all participants throughout the supply chain such as silicon chip designers, fabricators, product assemblers, logistics providers, service providers, and information security organizations. Clauses 5 to 11 target an organization’s strategic and risk management teams. This document provides an end-to-end view of the threats in each phase to help the organization shape their plans, procedures and policies.
Edition
1
Published Date
2023-10-10
Status
PUBLISHED
Pages
44
Language
English
Format
Secure PDF
Secure – PDF details
- Save your file locally or view it via a web viewer
- Viewing permissions are restricted exclusively to the purchaser
- Device limits - 3
- Printing – Enabled only to print (1) copy
See more about our Environmental Commitment
Abstract
This document describes security considerations throughout the product life cycle (SCLC), which is a framework that spans the entire information and communications technology (ICT) product life cycle. The aim of the framework is to align the industry and bring greater transparency to customers at every point on the ICT product life cycle.
This document describes the following items for suppliers, end users (consumers), intermediaries of the ICT supply chain, service providers, and regulators:
-    definition of phases in the ICT product life cycle from concept to retirement;
-    threat vectors possible in each phase of the life cycle;
-    potential controls against those threat vectors.
The target audiences of this document are suppliers and consumers of ICT products, including all participants throughout the supply chain such as silicon chip designers, fabricators, product assemblers, logistics providers, service providers, and information security organizations. Clauses 5 to 11 target an organization’s strategic and risk management teams. This document provides an end-to-end view of the threats in each phase to help the organization shape their plans, procedures and policies.
Previous Editions
Can’t find what you are looking for?
Please contact us at:
Related Documents
-
ISO 20009:2022 Information security – Anonymous entity authentication – Part 3: Mechanisms based on blind signatures
CDN $173.00 Add to cart -
ISO 18180:2013 Information technology – Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2
CDN $0.00 Add to cart -
ISO 27001:2024 Information security, cybersecurity and privacy protection – Information security management systems – Requirements – Amendment 1: Climate action changes
CDN $0.00 Add to cart -
ISO 20243:2023 Information technology – Open Trusted Technology ProviderTM Standard (O-TTPS) – Part 2: Assessment procedures for the O-TTPS
CDN $312.00 Add to cart
