Committee

Committee:

CTN 320 - Cybersecurity and personal data protection

Secretary:
UNE - ASOCIACIÓN ESPAÑOLA DE NORMALIZACIÓN
Field of Activity:
Standardization of: Development of standards for cybersecurity, privacy and data protection covering all aspects of the evolving information society including but not limited to: - Management systems, frameworks, methodologies - Data protection and privacy - Services and products evaluation standards suitable for security assessment for large companies and small and medium enterprises (SMEs) - Competence requirements for cybersecurity, privacy and data protection - Security requirements, services, techniques and guidelines for ICT systems, services, networks and devices, including smart objects and distributed computing devices
Structure:

SC 1 Cybersecurity management systems

SC 2 Cryptography and security mechanisms

SC 3 Security evaluation, testing and specification

SC 4 Security services

SC 5 Data protection, privacy and identity management

SC 6 Product security

GT CAV Cybersecurity in automotive (mobility)

GT CIOT IOT cybersecurity

GT CIOT2 Secure IoT-Blockchain Architecture Model

International Relations:

ISO/IEC/JTC 1/SC 27  Information security, cybersecurity and privacy protection

CEN/CLC/JTC 13  Cybersecurity and Data Protection

Standards developed by the committee: CTN 320: 89

UNE-EN ISO/IEC 27007:2022 (Ratificada)

Status: VIGENTE2022-03-02

Information security, cybersecurity and privacy protection - Guidelines for information security management systems auditing (ISO/IEC 27007:2020) (Endorsed by Asociación Española de Normalización in February of 2022.)

UNE-EN ISO/IEC 29101:2021 (Ratificada)

Status: VIGENTE2021-11-01

Information technology - Security techniques - Privacy architecture framework (ISO/IEC 29101:2018) (Endorsed by Asociación Española de Normalización in November of 2021.)

UNE-EN ISO/IEC 27017:2021 (Ratificada)

Status: VIGENTE2021-03-01

Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services (ISO/IEC 27017:2015) (Endorsed by Asociación Española de Normalización in March of 2021.)

UNE 320002:2021

Status: VIGENTE2021-02-24

Trusted Architectures for the Exchange of Cyber-threat Intelligence

UNE 320001:2021

Status: VIGENTE2021-01-27

Evaluation methodology LINCE for the cybersecurity of ICT products

UNE 71510:2011

Status: VIGENTE2021-01-19

Applications with the Spanish DNIe. Electronic signature creation and verification. Type 1 for IT platforms that allow an exclusive control of signer’s interfaces, and with a Evaluation Assurance Level «EAL1».

UNE 71511:2011

Status: VIGENTE2021-01-19

Applications with the Spanish DNIe. Electronic signature creation and verification. Type 1 for IT platforms that allow an exclusive control of signer’s interfaces, and with a Evaluation Assurance Level «EAL3»

UNE 71512:2011

Status: VIGENTE2021-01-19

Applications with the Spanish DNIe. Electronic signature creation and verification. Type 2 for personal computers, and with a Evaluation Assurance Level «EAL1»

UNE 71513:2011

Status: VIGENTE2021-01-19

Applications with the Spanish DNIe. Electronic signature creation and verification. Type 2 for personal computers, and with a Evaluation Assurance Level «EAL3»

UNE-ISO/IEC TR 19791:2013 IN

Status: VIGENTE2021-01-19

Information technology. Security techniques. Security assessment of operational systems

UNE-EN ISO/IEC 19790:2020 (Ratificada)

Status: VIGENTE2020-12-23

Information technology - Security techniques - Security requirements for cryptographic modules (ISO/IEC 19790:2012, including corrected version 2015-12)

UNE-EN ISO/IEC 29100:2020 (Ratificada)

Status: VIGENTE2020-09-16

Information technology - Security techniques - Privacy framework (ISO/IEC 29100:2011, including Amd 1:2018) (Endorsed by Asociación Española de Normalización in July of 2020.)

UNE-EN ISO/IEC 27018:2020 (Ratificada)

Status: VIGENTE2020-07-01

Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors (ISO/IEC 27018:2019) (Endorsed by Asociación Española de Normalización in July of 2020.)

UNE-EN ISO/IEC 27011:2020 (Ratificada)

Status: VIGENTE2020-07-01

Information technology - Security techniques - Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations (ISO/IEC 27011:2016) (Endorsed by Asociación Española de Normalización in July of 2020.)

UNE-EN ISO/IEC 29147:2020 (Ratificada)

Status: VIGENTE2020-07-01

Information technology - Security techniques - Vulnerability disclosure (ISO/IEC 29147:2018) (Endorsed by Asociación Española de Normalización in July of 2020.)

UNE-EN ISO/IEC 30111:2020 (Ratificada)

Status: VIGENTE2020-07-01

Information technology - Security techniques - Vulnerability handling processes (ISO/IEC 30111:2019) (Endorsed by Asociación Española de Normalización in July of 2020.)

UNE-EN ISO/IEC 27019:2020 (Ratificada)

Status: VIGENTE2020-05-01

Information technology - Security techniques - Information security controls for the energy utility industry (ISO/IEC 27019:2017, Corrected version 2019-08) (Endorsed by Asociación Española de Normalización in May of 2020.)

UNE-EN ISO/IEC 29134:2020 (Ratificada)

Status: VIGENTE2020-05-01

Information technology - Security techniques - Guidelines for privacy impact assessment (ISO/IEC 29134:2017) (Endorsed by Asociación Española de Normalización in May of 2020.)

UNE-EN ISO/IEC 27042:2016 (Ratificada)

Status: VIGENTE2016-12-01

Information technology - Security techniques - Guidelines for the analysis and interpretation of digital evidence (ISO/IEC 27042:2015) (Endorsed by AENOR in December of 2016.)

UNE-EN ISO/IEC 27041:2016 (Ratificada)

Status: VIGENTE2016-12-01

Information technology - Security techniques - Guidance on assuring suitability and adequacy of incident investigative method (ISO/IEC 27041:2015) (Endorsed by AENOR in December of 2016.)

Back to results New Search

AENORmás

Design your own personalised collection of standards. Keep your standards updated.