BS ISO/IEC 15292:2001 defines the procedures to be applied by the JTC 1 Registration Authority, appointed by the ISO and IEC councils to maintain a register of protection profiles and packages for the purposes of IT security evaluation. These protection profiles and packages are specified in accordance with criteria given in ISO/IEC 15408.
Contents:
- Scope
- Normative references
- Terms and definitions
- Abbreviations
- Technical specifications
- The JTC 1 Registration Authority for PPs and packages
- Criteria for eligibility of applicants for registration
- Information to be included within an application for registration
- Steps involved in review and response to an application
- Criteria for rejection of applications for registration
- Operation of the register
- Maintenance of the register
- Confidentiality of information held within the register
- Publication of the register
- Appeals procedure
- Annex A (informative) - Benefits of registration
- Annex B (informative) - Lifecycle of a register entry