ISO/IEC TR 15947
ISO/IEC TR 15947 - Information technology -- Security techniques -- IT intrusion detection framework
Published under Risk Management
Title: | ISO/IEC TR 15947:2002 - Information technology -- Security techniques -- IT intrusion detection framework |
Source reference: | http://www.iso.org/ (Note: this is a reference to the ISO page where the standard can be acquired. However, the standard is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted). |
Topic: | Security management – Intrusion detection in IT systems |
Direct / indirect relevance | Indirect. The text allows security professionals to rely on a specific set of concepts and methodologies for describing and assessing security risks with regard to potential intrusions in IT systems. It can be used as a tool for RM/RA. |
Scope: | Not publicly available ISO Technical Report (TR), which can be voluntarily applied. |
Legal force: | Nonbinding ISO TR. |
Affected sectors: | Generic. The TR can be applied by security professionals in any sector confronted by IT intrusion detection difficulties. |
Relevant provision(s): | The TR is not free of charge, and its provisions are not publicly available. For this reason, specific provisions cannot be quoted. The publicly available abstract describes the TR as follows: “ISO/IEC TR 15947:2002 defines a framework for detection of intrusions into IT systems. It establishes common definitions for intrusion detection terms and concepts. It describes the methodologies, concepts and relationships among them, addresses possible orderings of intrusion detection tasks and related activities, and attempts to relate these tasks and processes to an organization's or enterprise's procedures to demonstrate the practical integration of intrusion detection within an organization or enterprise security policy.” Source: http://www.iso.org/ |
Relevance to RM/RA: | The standard allows security professionals to rely on a specific set of concepts and methodologies for describing and assessing security risks with regard to potential intrusions in IT systems. It does not contain any RM/RA obligations as such, but it is rather a tool for facilitating RM/RA activities in the affected field. |
Browse the Topics