Committee

Committee:

CTN 320 - Cybersecurity, privacity and data protection

Secretary:
UNE - ASOCIACIÓN ESPAÑOLA DE NORMALIZACIÓN
Field of Activity:
Standardization of:Cybersecurity, information protection, and data protection covering: - Management systems and frameworks for cybersecurity and information security. - Technical security mechanisms including cryptography, security controls, and protection methods for ICT systems, networks, and devices. - Data protection and privacy including privacy by design and identity management. - Security evaluation and assessment standards for organizations of all sizes. - Competence requirements for cybersecurity and data protection professionals. - Guidelines and methodologies for emerging technologies and regulatory compliance. Scope covers all aspects of the evolving digital information society, from foundational security mechanisms to practical implementation for large enterprises and SMEs.
Structure:

SC 1 Cybersecurity management systems

SC 2 Cryptography and security mechanisms

SC 3 Security evaluation, testing and specification

SC 4 Security services

SC 5 Data protection, privacy and identity management

SC 6 Product security

SC 7 Cryptografy

GT CAV Cybersecurity in automotive (mobility)

GT CIOT IOT cybersecurity

GT CIOT2 Secure IoT-Blockchain Architecture Model

International Relations:

ISO/IEC/JTC 1/SC 27  Information security, cybersecurity and privacy protection

ISO/IEC/JTC 1/SC 44  Consumer protection in the field of privacy by design

CEN/CLC/JTC 13  Cybersecurity and Data Protection

Standards developed by the committee: CTN 320: 89

UNE-EN 17926:2023 (Ratificada)

Status: VIGENTE2024-01-01

Privacy Information Management System per ISO/IEC 27701 - Refinements in European context (Endorsed by Asociación Española de Normalización in January of 2024.)

UNE-EN 17927:2023 (Ratificada)

Status: VIGENTE2023-12-01

Security Evaluation Standard for IoT Platforms (SESIP). An effective methodology for applying cybersecurity assessment and re-use for connected products. (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN 17740:2023 (Ratificada)

Status: VIGENTE2023-12-01

Requirements for professional profiles related to personal data processing and protection (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN 17799:2023 (Ratificada)

Status: VIGENTE2023-12-01

Personal data protection requirements for processing operations (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN ISO/IEC 18045:2023 (Ratificada)

Status: VIGENTE2023-12-01

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Methodology for IT security evaluation (ISO/IEC 18045:2022) (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN ISO/IEC 27002:2023

Status: VIGENTE2023-06-21

Information security, cybersecurity and privacy protection - Information security controls (ISO/IEC 27002:2022)

UNE-EN ISO/IEC 29184:2023 (Ratificada)

Status: VIGENTE2023-05-01

Information technology - Online privacy notices and consent (ISO/IEC 29184:2020) (Endorsed by Asociación Española de Normalización in May of 2023.)

UNE-EN ISO/IEC 29146:2023 (Ratificada)

Status: VIGENTE2023-05-01

Information technology - Security techniques - A framework for access management (ISO/IEC 29146:2016, including Amd 1:2022) (Endorsed by Asociación Española de Normalización in May of 2023.)

UNE-CEN/CLC/TR 17919:2023 (Ratificada)

Status: VIGENTE2023-03-01

Data protection and privacy by design and by default - Technical Report on applicability to the video surveillance industry - State of the art (Endorsed by Asociación Española de Normalización in March of 2023.)

UNE-EN ISO/IEC 19896-1:2023 (Ratificada)

Status: VIGENTE2023-03-01

IT security techniques - Competence requirements for information security testers and evaluators - Part 1: Introduction, concepts and general requirements (ISO/IEC 19896-1:2018) (Endorsed by Asociación Española de Normalización in March of 2023.)

UNE-EN ISO/IEC 19896-2:2023 (Ratificada)

Status: VIGENTE2023-03-01

IT security techniques - Competence requirements for information security testers and evaluators - Part 2: Knowledge, skills and effectiveness requirements for ISO/IEC 19790 testers (ISO/IEC 19896-2:2018) (Endorsed by Asociación Española de Normalización in March of 2023.)

UNE-EN ISO/IEC 19896-3:2023 (Ratificada)

Status: VIGENTE2023-03-01

IT security techniques - Competence requirements for information security testers and evaluators - Part 3: Knowledge, skills and effectiveness requirements for ISO/IEC 15408 evaluators (ISO/IEC 19896-3:2018) (Endorsed by Asociación Española de Normalización in March of 2023.)

UNE-CEN/CLC/TS 17880:2022 (Ratificada)

Status: VIGENTE2023-02-01

Protection Profile for Smart Meter - Minimum Security requirements (Endorsed by Asociación Española de Normalización in February of 2023.)

UNE-EN 17640:2022 (Ratificada)

Status: VIGENTE2022-12-01

Fixed-time cybersecurity evaluation methodology for ICT products (Endorsed by Asociación Española de Normalización in December of 2022.)

UNE-CEN ISO/IEC/TS 27006-2:2022 (Ratificada)

Status: VIGENTE2022-12-01

Requirements for bodies providing audit and certification of information security management systems - Part 2: Privacy information management systems (ISO/IEC TS 27006-2:2021) (Endorsed by Asociación Española de Normalización in December of 2022.)

UNE-EN ISO/IEC 24760-2:2022 (Ratificada)

Status: VIGENTE2022-11-01

Information technology - Security techniques - A framework for identity management - Part 2: Reference architecture and requirements (ISO/IEC 24760-2:2015) (Endorsed by Asociación Española de Normalización in November of 2022.)

UNE-EN ISO/IEC 24760-3:2022 (Ratificada)

Status: VIGENTE2022-11-01

Information technology - Security techniques - A framework for identity management - Part 3: Practice (ISO/IEC 24760-3:2016) (Endorsed by Asociación Española de Normalización in November of 2022.)

UNE-EN ISO/IEC 24760-1:2022 (Ratificada)

Status: VIGENTE2022-08-01

IT Security and Privacy - A framework for identity management - Part 1: Terminology and concepts (ISO/IEC 24760-1:2019) (Endorsed by Asociación Española de Normalización in August of 2022.)

UNE-EN 17529:2022 (Ratificada)

Status: VIGENTE2022-07-01

Data protection and privacy by design and by default (Endorsed by Asociación Española de Normalización in July of 2022.)

UNE-EN ISO/IEC 29151:2022 (Ratificada)

Status: VIGENTE2022-05-01

Information technology - Security techniques - Code of practice for personally identifiable information protection (ISO/IEC 29151:2017) (Endorsed by Asociación Española de Normalización in May of 2022.)

Back to results New Search

AENORmás

Design your own personalised collection of standards. Keep your standards updated.