Standard
ABSTRACT
This document provides the specialized requirements to demonstrate competence of individuals in performing IT product security evaluations in accordance with ISO/IEC 15408 (all parts) and
ISO/IEC 18045.
This document includes knowledge and skills especially in the following areas.
— Information security
Knowledge: Information security principles, information security properties, information security threats and vulnerabilities
Skills: Understand information security requirements, understand the context
— Information security evaluation
Knowledge: Knowledge of ISO/IEC 15408 (all parts) and ISO/IEC 18045, laboratory management system
Skills: Basic evaluation skills, core evaluation skills, skills required when evaluating specific security assurance classes, skills required when evaluating specific security functional requirements classes
— Information systems architecture
Knowledge: Technology being evaluated
Skills: Understand the interaction of security components and information
— Information security testing
Knowledge: Information security testing techniques, information security testing tools, product development lifecycle, test types
Skills: Create and manage an information security test plan, design information security tests, prepare and conduct information security tests
General information
- Status: Published
-
Publication date :
- Working Groups :
- Category: Cybersecurity