ГОСТ Р 54583-2011; Страница 52

Библиография

1. ISO/IEC Guide 611), General requirements for assessment and accreditation of certification/registration bodies
2. ISO/IEC Guide 65, General requirements for bodies operating product certification systems
3. ISO/IEC Guide 67, Conformity Assessment — Fundamentals of product certification
4. ISO/IEC Guide 73, Risk Management— Vocabulary— Guidelines for use in standards
5. ISO 9000, Quality management systems — Fundamentals and vocabulary
6. ISO 9001, Quality management systems — Requirements
7. ISO/IEC 13335-1, Information technology — Security techniques — Management of information and communications

technology security — Part 1: Concepts and models for information and communications technology security management

8. ISO/IEC 15288, Systems and software engineering — System life cycle processes
9. ISO/IEC 15408-1, Information technology—Security techniques — Evaluation criteria for IT security—Part 1:

Introduction and general model

10. ISO/IEC 15408-2, Information technology—Security techniques — Evaluation criteria for IT security—Part 2:

Security functional requirements

11. ISO/IEC 15408-3, Information technology—Security techniques — Evaluation criteria for IT security—Part 3:

Security assurance requirements

12. ISO/IEC 18045, Information technology — Security techniques — Methodology for IT security evaluation
13. ISO/IEC 17024, Conformity Assessment— General requirements for bodies operating certification of persons
14. ISO/IEC 17025, General requirements forthe competence of testing and calibration laboratories
15. ISO/IEC 19791, Information technology— Security techniques — Security assessment of operational systems
16. ISO/IEC 19790, Information technology— Security techniques — Security requirements for cryptographic modules
17. ISO/IEC 21827, Information technology—Security techniques—Systems Security Engineering — Capability

maturity model® (SSE-CMM®)

18. ISO/IEC 27001, Information technology—Security techniques — Information security management systems —

Requirements

19. ISO/IEC 27002, Information technology—Security techniques—Code of practice for information security

management

20. ISO/IEC 27005, Information technology— Security techniques — Information security risk management
21. CEN/CENELEC EN 45013: General criteria for certification bodies operating certification of personnel
22. FIPS 140-1: Federal Information Processing Standard: Security Requirements for Cryptographic Modules, National Institute of Standards and Technology (NIST),http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf
23. IT Grundschutz (Baseline Protection) Manual, Bundesamt für Sicherheit in der IT (BSI), 2004, http://www.bsi.bund.de/english/
24. A Comparative Study of IT Security Criteria, Initiative D21, Initiative D21 e. V., Siemensdamm 50, 13629 Berlin, Germany
25. A Guide to Certification and Accreditation for Information Technology Systems (MG-4), January 1996, CSE, The ITS Publications Section, (613) 991-7514/7468 or http://www.cse.dnd.ca
26. A Guide To Risk Assessment and Safeguard Selection for Information Technology Systems, January 1996, CSE, The ITS Publications Section, (613) 991-7514/7468 or http://www.cse.dnd.ca
27. COBIT MAPPING — Overview of International IT Guidance, IT Governance Institute, January 2004, IT Governance Institute, 3701 Algonquin Road, Suite 1010, Rolling Meadows, IL 60008, USA, (847) 590 7491 orhttp://www.itqi.org
28. Fiona Pattinson, Comparing ISO 17799:2000 with SSE CMM V2,        2002,

http://www.cccure.orq//Documents/ISO17799/ISO17799 SSE CMM comparison.pdf

29. Susanne Rohrig, Using Process Models To Analyse IT Security Requirements, Thesis, Faculty of Economics, University of Zurich, Switzerland, March 2003

11 Отменено и заменено на ISO/IEC 17011.