ISO 9569:2023
ISO 9569:2023 Information security, cybersecurity and privacy protection – Evaluation criteria for IT security – Patch Management Extension for the ISO/IEC 15408 series and ISO/IEC 18045
CDN $336.00
Description
This document specifies patch management (PAM) security assurance requirements and is intended to be used as an extension of the ISO/IEC 15408 series and ISO/IEC 18045.
The security assurance requirements specified in this document do not include evaluation or test activities on the final target of evaluation (TOE), but focus on the initial TOE and on the life cycle processes used by manufacturers. Additionally, this document gives guidance to facilitate the evaluation of the TOE, including the patch and development processes which support the patch management.
This document lists options for evaluation authorities (or mutual recognition agreements) on how to utilize the additional assurance and additional evidence in their processes to enable the developer to consistently re-certify their updated or patched TOEs to the benefit of the users. The implementation of these options using an evaluation scheme is out of the scope of this document.
Edition
1
Published Date
2023-11-28
Status
PUBLISHED
Pages
36
Language
English
Format
Secure PDF
Secure – PDF details
- Save your file locally or view it via a web viewer
- Viewing permissions are restricted exclusively to the purchaser
- Device limits - 3
- Printing – Enabled only to print (1) copy
See more about our Environmental Commitment
Abstract
This document specifies patch management (PAM) security assurance requirements and is intended to be used as an extension of the ISO/IEC 15408 series and ISO/IEC 18045.
The security assurance requirements specified in this document do not include evaluation or test activities on the final target of evaluation (TOE), but focus on the initial TOE and on the life cycle processes used by manufacturers. Additionally, this document gives guidance to facilitate the evaluation of the TOE, including the patch and development processes which support the patch management.
This document lists options for evaluation authorities (or mutual recognition agreements) on how to utilize the additional assurance and additional evidence in their processes to enable the developer to consistently re-certify their updated or patched TOEs to the benefit of the users. The implementation of these options using an evaluation scheme is out of the scope of this document.
Previous Editions
Can’t find what you are looking for?
Please contact us at:
Related Documents
-
ISO 15708:2024 Non-destructive testing – Radiation methods for computed tomography – Part 1: Vocabulary
CDN $82.00 Add to cart -
ISO 22553:2019 Paints and varnishes – Electro-deposition coatings – Part 1: Vocabulary
CDN $82.00 Add to cart -
ISO 6893:2024 Jewellery and precious metals – Inspection of batches of small diamonds – Terminology, classification and test methods
CDN $251.00 Add to cart -
ISO 28401:2024 Light metals and their alloys – Titanium and titanium alloys – Vocabulary
CDN $186.00 Add to cart
