Standard

This document provides a standardized IoT Reference Architecture using a common vocabulary, reusable designs and industry best practices. It uses a top down approach, beginning with collecting the most important characteristics of IoT, abstracting those into a generic IoT Conceptual Model, deriving a high level system based reference with subsequent dissection of that model into the four architecture views (functional view, system view, networking view and usage view) from different perspectives.

The standard provides guidelines for the security standards of organizational information and information security management practices, including the selection, implementation and management of controls, taking into account the risk environment for the security of the organisation information.

The standard defines the specific guidelines for the management of digital data which are the identification, collection, acquisition and preservation of digital evidence that can be of probative value. This standard provides guidance to individuals regarding common situations encountered during the processing of digital data and assists organizations in their disciplinary procedures and in facilitating the exchange of potential digital evidence between jurisdictions.

The standard provides a guideline on the mechanisms to ensure that the methods and processes used in the investigation of information security incidents are "fit for purpose". It contains the best practices regarding the definition of the requirements, the description of the methods, and demonstration of how the implementation of the methods can satisfy the requests. It also includes considerations on how vendors and third parties can be used to help this warranty process.

This standard provides a guide for the analysis and interpretation of digital data in a way that highlights problems related to continuity, validity, reproducibility and repeatability. It encompasses the best practices for selecting, designing and implementing sufficient information analysis and registration processes to allow processes to be subjected to independent review if necessary. It also provides guidance on the appropriate mechanisms to demonstrate the professionalism and competence of the investigation team.

Describes guidelines based on idealized models for common incident investigation processes across various incident investigation scenarios involving digital evidence.