IS/ISO/IEC 27034 : Part 2 : 2015 Information Technology - Security Techniques - Application Security Part 2 Organization Normative Framework

ICS 35.040

LITD 17

Reaffirmed 2022

NATIONAL FOREWORD

This Indian Standard (Part 2) which is identical with ISO/IEC 27034-2 : 2015 ‘Information technology - Security techniques - Part 2: Organization normative framework’ issued by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) jointly was adopted by the Bureau of Indian Standards on recommendation of the Information Systems Security and Biometrics Sectional Committee, and approval of the Electronics and Information Technology Division Council.

This Indian Standard is published in several parts. The other parts in this series are:

Part 1 Overview and concepts

Part 5 Protocols and application security controls data structure

Part 6 Case studies

The text of ISO/IEC Standard has been approved as suitable for publication as an Indian Standard without deviations. Certain terminologies and conventions are, however, not identical to those used in Indian Standards. Attention is particularly drawn to the following:

a) Wherever the words ‘International Standard’ appear referring to this standard, they should be read as ‘Indian Standard’.

b) Comma (,) has been used as a decimal marker, while in Indian Standards, the current practice is to use a point (.) as the decimal marker.