M00017790
New product
ISO/IEC DIS 30111 2013 Edition, January 14, 2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - VULNERABILITY HANDLING PROCESSES
In stock
Warning: Last items in stock!
Availability date: 07/14/2021
Description / Abstract:
This International Standard (IS) gives guidelines for how to
process and resolve potential vulnerability information in a
product or online service.
This International Standard is applicable to vendors involved in
handling vulnerabilities. The International Standard is related to
ISO/IEC 29147 Information technology — Security techniques —
Vulnerability disclosure. This IS interfaces with elements
described in ISO/IEC 29147 at the point of receiving potential
vulnerability reports, and at the point of distributing
vulnerability resolution information.
The IS takes into consideration the relevant elements of ISO/IEC
15408-3 Evaluation criteria for IT security – Part 3: Security
assurance components in 13.5 Flaw remediation (ALC_FLR).