IST/33 - Information security, cybersecurity and privacy protection

Sector: Governance & Resilience

Categories: Information technology. | Networking | Documents | IT applications. Other | Certification. Conformity assessment | IT applications. Health care technology | Information coding. Character sets | Company organization and management. Other | Law. Administration | Open systems interconnection. General | Finances. Banking. Monetary systems. Insurance | Particle size analysis. Sieving | Crime protection | IT applications. Banking | Receiving and transmitting | Information technology. General | Company organization and management. General | Services. Other | Document imaging applications

Overview: Under the direction of the British Electrotechnical Committee and the Standards Policy and Strategy Committee, IST/33 is responsible for the UK input into ISO/IEC JTC 1/SC 27; for recommending action to be taken on issues relevant to ISO/IEC JTC 1 that concern the planning and coordination of security, cybersecurity and privacy protection work; for coordinating standardization activities within the scope of ICT/-; and for maintaining liaison with other groups within and outside BSI concerned with security standardization. IST/33 is also responsible for providing the UK input to CEN/CLC/JTC 13 (Cyber Security and Data Protection).

Committee standards activity

In Progress (80)
Reference | Standards description | Status

The standards development process is divided into chronological stages: Proposal; Drafting; Public comment; Comment resolution; Approval; Published standard.

Revision of BS 7799-3:2017 - Information security management systems - Guidelines for information security risk management

Categories: Information management | Standardization. General rules | ICT | Information technology | Information technology. General

Proposal begins : 2023-08-21
Proposal
PD ISO/IEC/TR 27109 Cybersecurity education and training

Categories: Unclassified documents

Proposal begins :
Proposal
PD ISO/IEC/TR 27024 ISO/IEC 27001 family of standards references list — Use of ISO/IEC 27001 family of standards in Governmental / Regulatory requirements

Categories: Unclassified documents

Proposal begins :
Proposal
NWIP - Common security requirements for internet connected radio equipment

Categories: Information management | Standardization. General rules | ICT | Information technology | Information technology. General

Proposal begins : 2022-09-21
Proposal
NWIP Scheme for certification of PII processing operations

Categories: Information management | Standardization. General rules | Business | Quality | Certification. Conformity assessment

Proposal begins : 2022-08-24
Proposal
NWI Revision of EN 17926

Categories: Information management | Standardization. General rules

Proposal begins : 2024-07-22
Proposal
NWI ballot on Generic Security Requirements

Categories: Information management | Standardization. General rules

Proposal begins : 2024-11-27
Proposal
NWI ballot on Principles for cyber resilience

Categories: Information management | Standardization. General rules

Proposal begins : 2024-11-27
Proposal
NWI ballot on Vulnerability Handling

Categories: Information management | Standardization. General rules

Proposal begins : 2024-11-27
Proposal
NWI Common security requirements for radio equipment processing data, namely internet connected radio equipment, childcare radio equipment, toys radio equipment and wearable radio equipment

Categories: Information management | Standardization. General rules | ICT | Information technology | Information technology. General

Proposal begins : 2022-09-21
Proposal
Published (55)

PD ISO/IEC TR 6114:2023 Cybersecurity. Security considerations throughout the product life cycle

Published standard begins : 2023-10-18
Published standard
PD ISO/IEC TR 5895:2022 Cybersecurity. Multi-party coordinated vulnerability disclosure and handling

Published standard begins : 2022-08-18
Published standard
PD ISO/IEC TR 27023:2015 Information technology. Security techniques. Mapping the revised editions of ISO/IEC 27001 and ISO/IEC 27002

Published standard begins : 2015-07-09
Published standard
PD CEN/CLC ISO/IEC/TS 23532-1:2024 Information security, cybersecurity and privacy protection. Requirements for the competence of IT security testing and evaluation laboratories. Evaluation for ISO/IEC 15408

Published standard begins : 2024-10-14
Published standard
PD CEN ISO/IEC/TS 27006-2:2022 Requirements for bodies providing audit and certification of information security management systems. Part 2: Privacy information management systems

Categories: Certification. Conformity assessment

Published standard begins : 2023-04-17
Published standard
BS ISO/IEC TR 13335-5:2001 Information technology. Guidelines for the management of IT security. Management guidance of network security

Published standard begins : 2001-11-07
Published standard
BS ISO/IEC 29192-2:2019 Information security. Lightweight cryptography. Block ciphers

Published standard begins : 2019-11-28
Published standard
BS ISO/IEC 29191:2012 Information technology. Security techniques. Requirements for partially anonymous, partially unlinkable authentication

Published standard begins : 2013-01-02
Published standard
BS ISO/IEC 27562:2024 Information technology. Security techniques. Privacy guidelines for fintech services

Categories: Finances. Banking. Monetary systems. Insurance | IT applications. Banking

Published standard begins : 2024-12-18
Published standard
BS ISO/IEC 27071:2023 Cybersecurity. Security recommendations for establishing trusted connections between devices and services

Published standard begins : 2023-08-04
Published standard
Withdrawn (45)

PD ISO/IEC TS 27006-2:2021 Requirements for bodies providing audit and certification of information security management systems. Privacy information management systems

Categories: Certification. Conformity assessment

Withdrawn begins : 2023-04-17
Withdrawn
PD ISO/IEC TS 23532-1:2021 Information security, cybersecurity and privacy protection. Requirements for the competence of IT security testing and evaluation laboratories. Evaluation for ISO/IEC 15408

Withdrawn begins : 2024-10-14
Withdrawn
PD ISO/IEC TR 27008:2011 Information technology. Security techniques. Guidelines for auditors on information security controls

Withdrawn begins : 2019-01-24
Withdrawn
PD ISO/IEC TR 18044:2004 Information technology. Security techniques. Information security incident management

Withdrawn begins : 2011-09-13
Withdrawn
PD ISO/IEC TR 15446:2004 Information technology. Security techniques. Guide for the production of protection profiles and security targets

Withdrawn begins : 2009-09-24
Withdrawn
PD ISO/IEC TR 15443-2:2012 Information technology. Security techniques. Security assurance framework. Analysis

Categories: Information coding. Character sets

Withdrawn begins : 2013-10-08
Withdrawn
PD ISO/IEC TR 15443-1:2012 Information technology. Security techniques. Security assurance framework. Introduction and concepts

Categories: Information coding. Character sets

Withdrawn begins : 2013-10-08
Withdrawn
DD ISO/IEC PAS 11889-4:2009 Information technology. Trusted Platform Module. Commands

Categories: Information coding. Character sets

Withdrawn begins : 2009-08-26
Withdrawn
DD ISO/IEC PAS 11889-3:2009 Information technology. Trusted platform module. Structures

Categories: Information coding. Character sets

Withdrawn begins : 2009-08-26
Withdrawn
DD ISO/IEC PAS 11889-2:2009 Information technology. Trusted platform module. Design principles

Categories: Information coding. Character sets

Withdrawn begins : 2009-08-26
Withdrawn