The standard is also sufficiently broad enough for it to be applied in a variety of technological environments, including cloud-based computing. The standard also advocates a tier-based approach to allow organizations to adopt ITAM processes that are suitable to the needs and size of the organization.Įffective IT Asset Management enables every organization to reduce its risk associated with the over or under buying of software assets (both executable and non-executable), but also works to ensure the security of those assets through effective tracking and support of the asset throughout the entire software and IT lifecycle. ISO/IEC 19770-1 is aligned to Service Management (ISO/IEC20000-1) and contains 27 process areas, with objectives and detailed outcomes defined for each. This document does not include general management issues related to physical security, environmental security and key management for cryptographic techniques.ISO/IEC 19770-1 is a framework of ITAM processes to enable an organization to prove that it is performing software asset management to a standard sufficient to satisfy corporate governance requirements and ensure effective support for IT asset management overall. Guidance on the protection of an individual's privacy during the processing of biometric information. Security requirements for securely binding between a biometric reference and an identity reference īiometric system application models with different scenarios for the storage and comparison of biometric references and Additionally, this document provides requirements and guidelines for the secure and privacy-compliant management and processing of biometric information.Īnalysis of the threats to and countermeasures inherent to biometrics and biometric system application models
This document provides guidance for the protection of biometric information under various requirements for confidentiality, integrity and renewability/revocability during storage and transfer. Biometric information protection is classified in these ICS categories: Information security, cybersecurity and privacy protection.
0 kommentar(er)
