Committee

Committee:

CTN 320 - Cybersecurity, privacity and data protection

Secretary:
UNE - ASOCIACIÓN ESPAÑOLA DE NORMALIZACIÓN
Field of Activity:
Standardization of:Cybersecurity, information protection, and data protection covering: - Management systems and frameworks for cybersecurity and information security. - Technical security mechanisms including cryptography, security controls, and protection methods for ICT systems, networks, and devices. - Data protection and privacy including privacy by design and identity management. - Security evaluation and assessment standards for organizations of all sizes. - Competence requirements for cybersecurity and data protection professionals. - Guidelines and methodologies for emerging technologies and regulatory compliance. Scope covers all aspects of the evolving digital information society, from foundational security mechanisms to practical implementation for large enterprises and SMEs.
Structure:

SC 1 Cybersecurity management systems

SC 2 Cryptography and security mechanisms

SC 3 Security evaluation, testing and specification

SC 4 Security services

SC 5 Data protection, privacy and identity management

SC 6 Product security

SC 7 Cryptografy

GT CAV Cybersecurity in automotive (mobility)

GT CIOT IOT cybersecurity

GT CIOT2 Secure IoT-Blockchain Architecture Model

International Relations:

ISO/IEC/JTC 1/SC 27  Information security, cybersecurity and privacy protection

ISO/IEC/JTC 1/SC 44  Consumer protection in the field of privacy by design

CEN/CLC/JTC 13  Cybersecurity and Data Protection

Standards developed by the committee: CTN 320: 89

UNE-EN ISO/IEC 27037:2016 (Ratificada)

Status: VIGENTE2016-12-01

Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence (ISO/IEC 27037:2012) (Endorsed by AENOR in December of 2016.)

UNE-EN ISO/IEC 27038:2016 (Ratificada)

Status: VIGENTE2016-12-01

Information technology - Security techniques - Specification for digital redaction (ISO/IEC 27038:2014) (Endorsed by AENOR in December of 2016.)

UNE-EN ISO/IEC 27043:2016 (Ratificada)

Status: VIGENTE2016-12-01

Information technology - Security techniques - Incident investigation principles and processes (ISO/IEC 27043:2015) (Endorsed by AENOR in December of 2016.)

UNE-EN ISO/IEC 27040:2016 (Ratificada)

Status: VIGENTE2016-12-01

Information technology - Security techniques - Storage security (ISO/IEC 27040:2015) (Endorsed by AENOR in December of 2016.)

UNE 71506:2013

Status: VIGENTE2013-07-03

Information Technologies (IT). Methodology for the digital evidences forensic analysis

UNE 71505-1:2013

Status: VIGENTE2013-07-03

Information Technologies (IT). Digital evidences management system. Part 1: Vocabulary and general principles.

UNE 71505-2:2013

Status: VIGENTE2013-07-03

Information Technologies (IT). Digital evidences management system. Part 2: Good practices for the digital evidences management.

UNE 71505-3:2013

Status: VIGENTE2013-07-03

Information Technologies (IT). Digital evidences management system. Part 3: Formats and technical mechanisms.

UNE-ISO/IEC TR 15446:2013 IN

Status: VIGENTE2013-04-30

Information technology. Security techniques. Guide for the production of Protection Profiles and Security Targets

UNE-EN ISO/IEC 27006:2020 (Ratificada)

Status: ANULADA2024-04-01

Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems (ISO/IEC 27006:2015, including Amd 1:2020) (Endorsed by Asociación Española de Normalización in January of 2021.)

UNE-EN ISO/IEC 15408-1:2020 (Ratificada)

Status: ANULADA2024-01-01

Information technology - Security techniques - Evaluation criteria for IT security - Part 1: Introduction and general model (ISO/IEC 15408-1:2009) (Endorsed by Asociación Española de Normalización in May of 2020.)

UNE-EN ISO/IEC 15408-2:2020 (Ratificada)

Status: ANULADA2024-01-01

Information technology - Security techniques - Evaluation criteria for IT security - Part 2: Security functional components (ISO/IEC 15408-2:2008) (Endorsed by Asociación Española de Normalización in May of 2020.)

UNE-EN ISO/IEC 15408-3:2020 (Ratificada)

Status: ANULADA2024-01-01

Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components (ISO/IEC 15408-3:2008, Corrected version 2011-05)

UNE-EN ISO/IEC 18045:2020 (Ratificada)

Status: ANULADA2023-12-01

Information technology - Security techniques - Methodology for IT security evaluation (ISO/IEC 18045:2008) (Endorsed by Asociación Española de Normalización in May of 2020.)

UNE-ISO/IEC 27001:2023

Status: ANULADA2023-09-13

Information security, cybersecurity and privacy protection. Information security management systems. Requirements

UNE-EN ISO/IEC 27001:2017

Status: ANULADA2023-09-13

Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 including Cor 1:2014 and Cor 2:2015)

UNE-EN ISO/IEC 27002:2017

Status: ANULADA2023-05-17

Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015)

UNE-EN ISO/IEC 27000:2019

Status: ANULADA2021-12-15

Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2016)

UNE 71504:2008

Status: ANULADA2021-01-21

Risk analysis methodology and management for information systems.

UNE-ISO/IEC 27000:2014

Status: ANULADA2019-02-20

Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary

Back to results New Search

AENORmás

Design your own personalised collection of standards. Keep your standards updated.