International Standard
ISO/IEC TS 9569:2023
Information security, cybersecurity and privacy protection — Evaluation criteria for IT security — Patch Management Extension for the ISO/IEC 15408 series and ISO/IEC 18045
Reference number
ISO/IEC TS 9569:2023
Edition 1
2023-11
International Standard
Read sample
ISO/IEC TS 9569:2023
83534
Published (Edition 1, 2023)

ISO/IEC TS 9569:2023

ISO/IEC TS 9569:2023
83534
Language
Format
CHF 173
Convert Swiss francs (CHF) to your currency

Abstract

This document specifies patch management (PAM) security assurance requirements and is intended to be used as an extension of the ISO/IEC 15408 series and ISO/IEC 18045.

The security assurance requirements specified in this document do not include evaluation or test activities on the final target of evaluation (TOE), but focus on the initial TOE and on the life cycle processes used by manufacturers. Additionally, this document gives guidance to facilitate the evaluation of the TOE, including the patch and development processes which support the patch management.

This document lists options for evaluation authorities (or mutual recognition agreements) on how to utilize the additional assurance and additional evidence in their processes to enable the developer to consistently re-certify their updated or patched TOEs to the benefit of the users. The implementation of these options using an evaluation scheme is out of the scope of this document.

General information

  •  : Published
     : 2023-11
    : International Standard published [60.60]
  •  : 1
     : 36
  • ISO/IEC JTC 1/SC 27
    35.030 
  • RSS updates

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)