Buy this standard

The electronic version of this International Standard can be downloaded from the ISO/IEC Information Technology Task Force (ITTF) web site

Abstract Preview

ISO/IEC 15408-2:2008 defines the content and presentation of the security functional requirements to be assessed in a security evaluation using ISO/IEC 15408. It contains a comprehensive catalogue of predefined security functional components that will meet most common security needs of the marketplace. These are organized using a hierarchical structure of classes, families and components, and supported by comprehensive user notes.

ISO/IEC 15408-2:2008 also provides guidance on the specification of customized security requirements where no suitable predefined security functional components exist.


General information

  • Status :  Published
    Publication date : 2008-08
    Corrected version (en) : 2011-05
  • Edition : 3
    Number of pages : 218
  • Technical Committee
    :
    ISO/IEC JTC 1/SC 27
    Information security, cybersecurity and privacy protection
  • ICS :
    35.030
    IT Security

Buy this standard

Format Language
Paper
  • CHF198

Life cycle

A standard is reviewed every 5 years



Revisions / Corrigenda

Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information.

  2. Store
  3. Standards catalogue
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC 15408-2:2008