Committee

Committee:

CTN 320 - Cybersecurity and personal data protection

Secretary:

UNE - ASOCIACIÓN ESPAÑOLA DE NORMALIZACIÓN

Field of Activity:

Standardization of: Development of standards for cybersecurity, privacy and data protection covering all aspects of the evolving information society including but not limited to: - Management systems, frameworks, methodologies - Data protection and privacy - Services and products evaluation standards suitable for security assessment for large companies and small and medium enterprises (SMEs) - Competence requirements for cybersecurity, privacy and data protection - Security requirements, services, techniques and guidelines for ICT systems, services, networks and devices, including smart objects and distributed computing devices

Structure:

SC 1 Cybersecurity management systems

SC 2 Cryptography and security mechanisms

SC 3 Security evaluation, testing and specification

SC 4 Security services

SC 5 Data protection, privacy and identity management

SC 6 Product security

GT CAV Cybersecurity in automotive (mobility)

GT CIOT IOT cybersecurity

GT CIOT2 Secure IoT-Blockchain Architecture Model

International Relations:

ISO/IEC/JTC 1/SC 27 Information security, cybersecurity and privacy protection

CEN/CLC/JTC 13 Cybersecurity and Data Protection

Standards developed by the committee: CTN 320: 89

UNE-EN 17926:2023 (Ratificada)

Status: VIGENTE / 2024-01-01

Privacy Information Management System per ISO/IEC 27701 - Refinements in European context (Endorsed by Asociación Española de Normalización in January of 2024.)

UNE-EN 17927:2023 (Ratificada)

Status: VIGENTE / 2023-12-01

Security Evaluation Standard for IoT Platforms (SESIP). An effective methodology for applying cybersecurity assessment and re-use for connected products. (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN 17740:2023 (Ratificada)

Status: VIGENTE / 2023-12-01

Requirements for professional profiles related to personal data processing and protection (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN 17799:2023 (Ratificada)

Status: VIGENTE / 2023-12-01

Personal data protection requirements for processing operations (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN ISO/IEC 18045:2023 (Ratificada)

Status: VIGENTE / 2023-12-01

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Methodology for IT security evaluation (ISO/IEC 18045:2022) (Endorsed by Asociación Española de Normalización in December of 2023.)

UNE-EN ISO/IEC 27002:2023

Status: VIGENTE / 2023-06-21

Information security, cybersecurity and privacy protection - Information security controls (ISO/IEC 27002:2022)

UNE-EN ISO/IEC 29184:2023 (Ratificada)

Status: VIGENTE / 2023-05-01

Information technology - Online privacy notices and consent (ISO/IEC 29184:2020) (Endorsed by Asociación Española de Normalización in May of 2023.)

UNE-EN ISO/IEC 29146:2023 (Ratificada)

Status: VIGENTE / 2023-05-01

Information technology - Security techniques - A framework for access management (ISO/IEC 29146:2016, including Amd 1:2022) (Endorsed by Asociación Española de Normalización in May of 2023.)

UNE-CEN/CLC/TR 17919:2023 (Ratificada)

Status: VIGENTE / 2023-03-01

Data protection and privacy by design and by default - Technical Report on applicability to the video surveillance industry - State of the art (Endorsed by Asociación Española de Normalización in March of 2023.)

UNE-EN ISO/IEC 19896-1:2023 (Ratificada)

Status: VIGENTE / 2023-03-01

IT security techniques - Competence requirements for information security testers and evaluators - Part 1: Introduction, concepts and general requirements (ISO/IEC 19896-1:2018) (Endorsed by Asociación Española de Normalización in March of 2023.)

UNE-EN ISO/IEC 19896-2:2023 (Ratificada)

Status: VIGENTE / 2023-03-01

IT security techniques - Competence requirements for information security testers and evaluators - Part 2: Knowledge, skills and effectiveness requirements for ISO/IEC 19790 testers (ISO/IEC 19896-2:2018) (Endorsed by Asociación Española de Normalización in March of 2023.)

UNE-EN ISO/IEC 19896-3:2023 (Ratificada)

Status: VIGENTE / 2023-03-01

IT security techniques - Competence requirements for information security testers and evaluators - Part 3: Knowledge, skills and effectiveness requirements for ISO/IEC 15408 evaluators (ISO/IEC 19896-3:2018) (Endorsed by Asociación Española de Normalización in March of 2023.)

Back to results New Search

AENORmás

Design your own personalised collection of standards. Keep your standards updated.

CTN 320 - Cybersecurity and personal data protection

UNE-EN 17926:2023 (Ratificada)

UNE-EN 17927:2023 (Ratificada)

UNE-EN 17740:2023 (Ratificada)

UNE-EN 17799:2023 (Ratificada)

UNE-EN ISO/IEC 18045:2023 (Ratificada)

UNE-EN ISO/IEC 27002:2023

UNE-EN ISO/IEC 29184:2023 (Ratificada)

UNE-EN ISO/IEC 29146:2023 (Ratificada)

UNE-CEN/CLC/TR 17919:2023 (Ratificada)

UNE-EN ISO/IEC 19896-1:2023 (Ratificada)

UNE-EN ISO/IEC 19896-2:2023 (Ratificada)

UNE-EN ISO/IEC 19896-3:2023 (Ratificada)

UNE-CEN/CLC/TS 17880:2022 (Ratificada)

UNE-EN 17640:2022 (Ratificada)

UNE-CEN ISO/IEC/TS 27006-2:2022 (Ratificada)

UNE-EN ISO/IEC 24760-2:2022 (Ratificada)

UNE-EN ISO/IEC 24760-3:2022 (Ratificada)

UNE-EN ISO/IEC 24760-1:2022 (Ratificada)

UNE-EN 17529:2022 (Ratificada)

UNE-EN ISO/IEC 29151:2022 (Ratificada)