Hi All,
ISO/IEC just published ISO/IEC 15408-4:2022 Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 4: Framework for the specification of evaluation methods and activities
This document provides a standardized framework for specifying objective, repeatable and reproducible evaluation methods and evaluation activities.
This document does not specify how to evaluate, adopt, or maintain evaluation methods and evaluation activities. These aspects are a matter for those originating the evaluation methods and evaluation activities in their particular area of interest.
This standard can be previewed here:
https://www.iso.org/obp/ui/#iso:std:iso-iec:15408:-4:ed-1:v1:enThis standard can be purchased here:
https://www.iso.org/standard/72913.html------------------------------
Michael Roza CPA, CISA, CIA, MBA, Exec MBA
------------------------------