BS ISO/IEC 20243-2:2018

$167.15

Information technology. Open Trusted Technology Provider™ Standard (O-TTPS). Mitigating maliciously tainted and counterfeit products – Assessment procedures for the O-TTPS and ISO/IEC 20243-1:2018

Published By: BSI
Publication Date: 2018
Number of Pages: 40

This document specifies the procedures to be utilized by an assessor when conducting a conformity assessment to the mandatory requirements in the Open Trusted Technology Provider™ Standard (O-TTPS).1

These Assessment Procedures are intended to ensure the repeatability, reproducibility, and objectivity of assessments against the O-TTPS. Though the primary audience for this document is the assessor, an Information Technology (IT) provider who is undergoing assessment or preparing for assessment may also find this document useful.

1 The O-TTPS is freely available at: /2. The O-TTPS is technically identical to ISO/IEC 20243:2015 ISO/IEC 20243-1:2018 and is available at: /2

Open Trusted Technology Provider™ Standard (O-TTPS) Certification Program: Assessment Procedures for the O-TTPS, ISO/IEC 20243:2015 and ISO/IEC 20243-1:2018

PDF Catalog

1. Introduction
1.1 Scope
1.2 Normative References
1.3 Terms and Definitions
1.3.1 Distributor
1.3.2 Evidence of Conformance
1.3.3 Implementation Evidence
1.3.4 O-TTPS Requirements
1.3.5 Organization
1.3.6 Pass-Through Reseller
1.3.7 Process Evidence
1.3.8 Scope of Assessment
1.3.9 Selected Representative Product
2. General Concepts
2.1 The O-TTPS
2.2 Assessment Concepts: Relevance of Scope of Assessment and Selected Representative Products
2.3 Relevance of IT Technology Provider Categories in the Supply Chain
3. Assessment Requirements
3.1 General Requirements for Assessor Activities
3.1.1 General Requirements for Evidence of Conformance
4. Assessor Activities for O-TTPS Requirements
4.1 PD_DES: Software/Firmware/Hardware Design Process
4.2 PD_CFM: Configuration Management
4.3 PD_MPP: Well-defined Development/Engineering Method Process and Practices
4.4 PD_QAT: Quality and Test Management
4.5 PD_PSM: Product Sustainment Management
4.6 SE_TAM: Threat Analysis and Mitigation
4.7 SE_VAR: Vulnerability Analysis and Response
4.8 SE_PPR: Product Patching and Remediation
4.9 SE_SEP: Secure Engineering Practices
4.10 SE_MTL: Monitor and Assess the Impact of Changes in the Threat Landscape
4.11 SC_RSM: Risk Management
4.12 SC_PHS: Physical Security
4.13 SC_ACC: Access Controls
4.14 SC_ESS: Employee and Supplier Security and Integrity
4.15 SC_BPS: Business Partner Security
4.16 SC_STR: Supply Chain Security Training
4.17 SC_ISS: Information Systems Security
4.18 SC_TTC: Trusted Technology Components
4.19 SC_STH: Secure Transmission and Handling
4.20 SC_OSH: Open Source Handling
4.21 SC_CTM: Counterfeit Mitigation
4.22 SC_MAL: Malware Detection
A Annex: Assessment Guidance
A.1 Guidance
B Annex: Assessment Report Template