Skip to main content
{{cartCount}} Cart

ISO/IEC TS 19608:2018

Current Date published:

Guidance for developing security and privacy functional requirements based on ISO/IEC 15408

This document provides guidance for:

— selecting and specifying security functional requirements (SFRs) from ISO/IEC 15408-2 to protect Personally Identifiable Information (PII);

— the procedure to define both privacy and security functional requirements in a coordinated manner; and

— developing privacy functional requirements as extended components based on the privacy principles defined in ISO/IEC 29100 through the paradigm described in ISO/IEC 15408-2.

The intended audience for this document are:

— developers who implement products or systems that deal with PII and want to undergo a security evaluation of those products using ISO/IEC 15408. They will get guidance how to select security functional requirements for the Security Target of their product or system that map to the privacy principles defined in ISO/IEC 29100;

— authors of Protection Profiles that address the protection of PII; and

— evaluators that use ISO/IEC 15408 and ISO/IEC 18045 for a security evaluation.

This document is intended to be fully consistent with ISO/IEC 15408; however, in the event of any inconsistency between this document and ISO/IEC 15408, the latter, as a normative standard, takes precedence.

Get this standard Prices exclude GST
HardCopy
$389.00 NZD
Networkable PDF
Price varies
view preview view preview
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 48

Keep me up-to-date

Sign up to receive updates when there are changes to this standard

Related Information

Similar Standards

  • AS/NZS ISO/IEC 27001:2023

    Information security, cybersecurity and privacy protection – Information security management systems – Requirements

  • AS/NZS ISO/IEC 27001:2023 A1

    Information security, cybersecurity and privacy protection - Privacy enhancing data de-identification framework

  • AS/NZS ISO/IEC 27002:2022

    Information security, cybersecurity and privacy protection — Information security controls

  • AS/NZS ISO/IEC 27011:2025

    Information security, cybersecurity and privacy protection – Information security controls based on ISO/IEC 27002 for telecommunications organizations

view preview view preview
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Preview only close
Prev {{ page }}/ {{ numPages }} Next
Pages: 48

ISO/IEC TS 19608:2018

Get this standard Prices exclude GST
HardCopy
$389.00 NZD
Networkable PDF
Price varies

Request to add this standard to your subscription

ISO/IEC TS 19608:2018

Price varies
Online library subscription

Your organisation’s Account Administrator must approve a request to add a standard to your subscription.

You may add a comment to the administrator below.

Cancel