TECHNICAL REPORT
ISO/IEC TR 15443-2
Second edition 2012-11-15

Information technology - Security techniques - Security assurance framework - Part 2: Analysis

Technologies de l'information - Techniques de sécurité - Assurance de la sécurité cadre - Partie 2: Analyses

Reference number ISO/IEC TR 15443-2:2012(E)

COPYRIGHT PROTECTED DOCUMENT

© ISO/IEC 2012

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.

ISO copyright office
Case postale 56, CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail [email protected]
Web www.iso.org
Published in Switzerland

Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms, definitions and abbreviated terms
4 A framework for the analysis of IT security assurance
5 Criteria for the analysis of SACA paradigms
  5.1 Availability of recognition agreements and arrangements
    5.1.1
    5.1.2 Criteria
  5.2 Geographical and political considerations
    5.2.1 Discussion
    5.2.2
6 Criteria for the analysis of SACA schemes and SACA systems
  6.1 Independence
    6.1.1 Discussion
    6.1.2 Criteria
  6.2 Scheme competence
    6.2.1 Discussion
    6.2.2 Criteria
  6.3 Assessment conformity
    6.3.1 Discussion
    6.3.2 Criteria
  6.4 Support to security assurance users and providers
    6.4.1
    6.4.2 Criteria
  6.5 Provision of interpretations of standards and methods
    6.5.1
    6.5.2
  6.6 Scheme related policies
    6.6.1 Discussion
    6.6.2
  6.7 SACA systems
    6.7.1 Discussion
    6.7.2 Criteria
  6.8
    6.8.1 Discussion
    6.8.2 Criteria
  6.9 SACA results
    6.9.1 Discussion
    6.9.2 Criteria
  6.10 SACA Marks and symbols
    6.10.1 Discussion
    6.10.2 Criteria
7 Criteria for the analysis of SACA bodies
  7.1 Independence
    7.1.1 Discussion
    7.1.2 Criteria
ISO IEC TR 15443-2 2012 Information technology — Security techniques — Security assurance framework — Part 2 Analysis