ISO/IEC 27034-5:2017
Information technology — Security techniques — Application security — Part 5: Protocols and application security controls data structure
ISO/IEC 27034-5 outlines and explains the minimal set of essential attributes of ASCs and details the activities and roles of the Application Security Life Cycle Reference Model (ASLCRM).
| Get this standard | Prices exclude GST | |
|---|---|---|
| PDF ( Single user document) |
$301.00 NZD
|
|
| HardCopy |
$346.00 NZD
|
|
| Networkable PDF |
Price varies
|
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Application Security Control Structure
5.1 General
5.2 ASC information requirements
5.2.1 Overview
5.2.2 Integrity assurance
5.2.3 Multilingual/multiregional data representation
5.2.4 ASC information requirements
5.3 ASC data structure recommendations
5.3.1 General
5.3.2 Exchange
5.3.3 Self-containedness
6 Application Security Life Cycle Reference Model
6.1 General
6.2 Application Management Layer
6.2.1 General
6.2.2 Initiating
6.2.3 Planning
6.2.4 Executing
6.2.5 Monitoring and controlling
6.2.6 Closing
6.3 Application provisioning and operation layer
6.3.1 General
6.3.2 Preparation: Initiating
6.3.3 Preparation: Plan
6.3.4 Outsourcing: Realization
6.3.5 Outsourcing: Transition
6.3.6 Development: Inception
6.3.7 Development: Elaboration
6.3.8 Development: Construction
6.3.9 Acquisition: Plan
6.3.10 Acquisition: Close
6.3.11 Transition: Plan
6.3.12 Transition: Development
6.3.13 Transition: Test
6.3.14 Utilization: Utilization
6.3.15 Utilization: Maintenance
6.3.16 Archival: Archival
6.3.17 Destruction: Destruction
6.4 Infrastructure management
6.4.1 General
6.4.2 Establishment of the infrastructure
6.4.3 Maintenance of the infrastructure
6.5 Application audit
6.5.1 General
6.5.2 Initiating the audit
6.5.3 Prepare the audit
6.5.4 Conduct the audit
6.5.5 Report
6.5.6 Complete the audit
6.5.7 Follow-up
6.6 Roles
7 ASC Package
Bibliography
Keep me up-to-date
Sign up to receive updates when there are changes to this standard
Related Information
Similar Standards
-
AS/NZS ISO/IEC 27001:2023
Information security, cybersecurity and privacy protection – Information security management systems – Requirements
-
AS/NZS ISO/IEC 27001:2023 A1
Information security, cybersecurity and privacy protection - Privacy enhancing data de-identification framework
-
AS/NZS ISO/IEC 27002:2022
Information security, cybersecurity and privacy protection — Information security controls
-
AS/NZS ISO/IEC 27011:2025
Information security, cybersecurity and privacy protection – Information security controls based on ISO/IEC 27002 for telecommunications organizations
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Application Security Control Structure
5.1 General
5.2 ASC information requirements
5.2.1 Overview
5.2.2 Integrity assurance
5.2.3 Multilingual/multiregional data representation
5.2.4 ASC information requirements
5.3 ASC data structure recommendations
5.3.1 General
5.3.2 Exchange
5.3.3 Self-containedness
6 Application Security Life Cycle Reference Model
6.1 General
6.2 Application Management Layer
6.2.1 General
6.2.2 Initiating
6.2.3 Planning
6.2.4 Executing
6.2.5 Monitoring and controlling
6.2.6 Closing
6.3 Application provisioning and operation layer
6.3.1 General
6.3.2 Preparation: Initiating
6.3.3 Preparation: Plan
6.3.4 Outsourcing: Realization
6.3.5 Outsourcing: Transition
6.3.6 Development: Inception
6.3.7 Development: Elaboration
6.3.8 Development: Construction
6.3.9 Acquisition: Plan
6.3.10 Acquisition: Close
6.3.11 Transition: Plan
6.3.12 Transition: Development
6.3.13 Transition: Test
6.3.14 Utilization: Utilization
6.3.15 Utilization: Maintenance
6.3.16 Archival: Archival
6.3.17 Destruction: Destruction
6.4 Infrastructure management
6.4.1 General
6.4.2 Establishment of the infrastructure
6.4.3 Maintenance of the infrastructure
6.5 Application audit
6.5.1 General
6.5.2 Initiating the audit
6.5.3 Prepare the audit
6.5.4 Conduct the audit
6.5.5 Report
6.5.6 Complete the audit
6.5.7 Follow-up
6.6 Roles
7 ASC Package
Bibliography