ISO/IEC TR 15443-3:2007
Information technology -- Security techniques -- A framework for IT security assurance -- Part 3: Analysis of assurance methods
ISO/IEC TR 15443-3:2007 provides general guidance to an assurance authority in the choice of the appropriate type of international communications techology (ICT) assurance methods and to lay the framework for the analysis of specific assurance methods for specific environments.
ISO/IEC TR 15443-3:2007 will allow the user to match specific assurance requirements and/or typical assurance situations with the general characteristics offered by available assurance methods.
The guidance of ISO/IEC TR 15443-3:2007 is applicable to the development, implementation and operation of ICT product and ICT systems with security requirements.
The advice given in ISO/IEC TR 15443-3:2007 will be qualitative and summary, and the user may need to analyse which methods presented in ISO/IEC TR 15443-2 will suit best his specific deliverables and organisational security requirements.