Home>Encuentra tu norma>Comités Técnicos de Normalización>Comité
Committee

Committee:

CTN 320 - Cybersecurity, privacity and data protection

Secretary:
UNE - ASOCIACIÓN ESPAÑOLA DE NORMALIZACIÓN
Field of Activity:
Standardization of:Cybersecurity, information protection, and data protection covering: - Management systems and frameworks for cybersecurity and information security. - Technical security mechanisms including cryptography, security controls, and protection methods for ICT systems, networks, and devices. - Data protection and privacy including privacy by design and identity management. - Security evaluation and assessment standards for organizations of all sizes. - Competence requirements for cybersecurity and data protection professionals. - Guidelines and methodologies for emerging technologies and regulatory compliance. Scope covers all aspects of the evolving digital information society, from foundational security mechanisms to practical implementation for large enterprises and SMEs.
Structure:

SC 1 Cybersecurity management systems

SC 2 Cryptography and security mechanisms

SC 3 Security evaluation, testing and specification

SC 4 Security services

SC 5 Data protection, privacy and identity management

SC 6 Product security

SC 7 Cryptografy

GT CAV Cybersecurity in automotive (mobility)

GT CIOT IOT cybersecurity

GT CIOT2 Secure IoT-Blockchain Architecture Model

International Relations:

ISO/IEC/JTC 1/SC 27  Information security, cybersecurity and privacy protection

ISO/IEC/JTC 1/SC 44  Consumer protection in the field of privacy by design

CEN/CLC/JTC 13  Cybersecurity and Data Protection

Standards developed by the committee: CTN 320: 89

UNE-CEN/CLC/TS 18072:2025 (Ratificada)

Status: VIGENTE / 2025-06-01

Requirements for Conformity Assessment Bodies certifying Cloud Services (Endorsed by Asociación Española de Normalización in June of 2025.)

UNE-EN 18037:2025 (Ratificada)

Status: VIGENTE / 2025-05-01

Guidelines on a sectoral cybersecurity assessment (Endorsed by Asociación Española de Normalización in May of 2025.)

UNE-EN ISO/IEC 27555:2025 (Ratificada)

Status: VIGENTE / 2025-05-01

Information security, cybersecurity and privacy protection - Guidelines on personally identifiable information deletion (ISO/IEC 27555:2021) (Endorsed by Asociación Española de Normalización in May of 2025.)

UNE-EN 18031-1:2025

Status: VIGENTE / 2025-03-12

Common security requirements for radio equipment - Part 1: Internet connected radio equipment

UNE-EN 18031-2:2025

Status: VIGENTE / 2025-03-12

Common security requirements for radio equipment - Part 2: radio equipment processing data, namely Internet connected radio equipment, childcare radio equipment, toys radio equipment and wearable radio equipment

UNE-EN 18031-3:2025

Status: VIGENTE / 2025-03-12

Common security requirements for radio equipment - Part 3: Internet connected radio equipment processing virtual money or monetary value

UNE-CEN/CLC ISO/IEC/TS 23532-1:2024 (Ratificada)

Status: VIGENTE / 2024-11-01

Information security, cybersecurity and privacy protection - Requirements for the competence of IT security testing and evaluation laboratories - Part 1: Evaluation for ISO/IEC 15408 (ISO/IEC/TS 23532-1:2021) (Endorsed by Asociación Española de Normalización in November of 2024.)

UNE-CEN/CLC ISO/IEC/TS 23532-2:2024 (Ratificada)

Status: VIGENTE / 2024-11-01

Information security, cybersecurity and privacy protection - Requirements for the competence of IT security testing and evaluation laboratories - Part 2: Testing for ISO/IEC 19790 (ISO/IEC/TS 23532-2:2021) (Endorsed by Asociación Española de Normalización in November of 2024.)

UNE-EN ISO/IEC 27701:2021

Status: VIGENTE / 2024-10-23

Security techniques - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management - Requirements and guidelines (ISO/IEC 27701:2019)

UNE-EN ISO/IEC 27001:2023

Status: VIGENTE / 2024-09-25

Information security, cybersecurity and privacy protection - Information security management systems - Requirements (ISO/IEC 27001:2022)

UNE-EN ISO/IEC 27001:2023/A1:2024

Status: VIGENTE / 2024-09-25

Information security, cybersecurity and privacy protection - Information security management systems - Requirements - Amendment 1: Climate action changes (ISO/IEC 27001:2022/Amd 1:2024)

UNE-EN ISO/IEC 27000:2021

Status: VIGENTE / 2024-09-25

Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2018)

UNE-EN ISO/IEC 27005:2024 (Ratificada)

Status: VIGENTE / 2024-09-01

Information security, cybersecurity and privacy protection - Guidance on managing information security risks (ISO/IEC 27005:2022) (Endorsed by Asociación Española de Normalización in September of 2024.)

UNE-CEN/TS 18026:2024 (Ratificada)

Status: VIGENTE / 2024-06-01

Three-level approach for a set of cybersecurity requirements for cloud services (Endorsed by Asociación Española de Normalización in June of 2024.)

UNE-EN ISO/IEC 27006-1:2024 (Ratificada)

Status: VIGENTE / 2024-04-01

Information security, cybersecurity and privacy protection - Requirements for bodies providing audit and certification of information security management systems - Part 1: General (ISO/IEC 27006-1:2024) (Endorsed by Asociación Española de Normalización in April of 2024.)

UNE-EN ISO/IEC 15408-1:2023 (Ratificada)

Status: VIGENTE / 2024-01-01

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 1: Introduction and general model (ISO/IEC 15408-1:2022) (Endorsed by Asociación Española de Normalización in January of 2024.)

UNE-EN ISO/IEC 15408-2:2023 (Ratificada)

Status: VIGENTE / 2024-01-01

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 2: Security functional components (ISO/IEC 15408-2:2022) (Endorsed by Asociación Española de Normalización in January of 2024.)

UNE-EN ISO/IEC 15408-3:2023 (Ratificada)

Status: VIGENTE / 2024-01-01

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 3: Security assurance components (ISO/IEC 15408-3:2022) (Endorsed by Asociación Española de Normalización in January of 2024.)

UNE-EN ISO/IEC 15408-4:2023 (Ratificada)

Status: VIGENTE / 2024-01-01

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 4: Framework for the specification of evaluation methods and activities (ISO/IEC 15408-4:2022) (Endorsed by Asociación Española de Normalización in January of 2024.)

UNE-EN ISO/IEC 15408-5:2023 (Ratificada)

Status: VIGENTE / 2024-01-01

Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 5: Pre-defined packages of security requirements (ISO/IEC 15408-5:2022) (Endorsed by Asociación Española de Normalización in January of 2024.)

Back to results New Search

AENORmás

Design your own personalised collection of standards. Keep your standards updated.