Anjar Priandoyo

Daily Notes

Posts Tagged ‘ISO

ISO Mapping Research

Well, I think I have finally found the limit of ISO and related standards research. I think the purpose of a commercial consultant is to implement the standard, not to design a new standard or best practices. A consultant might claim and rely on the fact that they follow a certain standard, which is already enough.

Ref:
– ISO 21500:2012 and PMBoK 5 processes in information systems project management, Varajão (2016)
– Teaching ISO/IEC 12207 software lifecycle processes: A serious game approach, Aydan (2016)
– Comparing ISO/IEC 12207 and CMMI-DEV: Towards a mapping of ISO/IEC 15504-7, Baldassarre (2009)

ISO 33000 Process Improvement, Assessment, Maturity Model

Written by Anjar Priandoyo

April 20, 2020 at 12:25 pm

Posted in Science

Alignment and comparison of ISO standards

My head hurt when reading this. This is a very complex interaction. Meeting an ISO standard will take a lot of time.

graphic ref

Written by Anjar Priandoyo

April 20, 2020 at 10:59 am

Posted in Science

Software: Testing vs Quality Assurance

ISO 13407:1999 Human-centred design processes for interactive systems
ISO 9241-210:2010 Ergonomics of human-system interaction

ISO/IEC 19796-1:2005 Information technology — Learning, education and training — Quality management, assurance and metrics

ISO/IEC JTC 1 is a joint technical committee of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its purpose is to develop, maintain and promote standards in the fields of information technology (IT) and Information and Communications Technology (ICT).

A Review of Software Quality Models for the Evaluation of Software Products
José P. Miguel, David Mauricio, Glen Rodríguez (2014) ref

QA: Encompasses the entire software development

Wiki: Software Testing, Software Quality Assurance, System Integration Testing, Acceptance Testing (Cucumber, Selenium)

ISO/IEC/IEEE 29119 Software and systems engineering — Software testing

Written by Anjar Priandoyo

April 19, 2020 at 10:00 pm

Posted in Science

ISO/IEC JTC 1/SC 27

ISO

| ISO/IEC Standard | Title | Status | Description | WG |
|---|---|---|---|---|
| ISO/IEC 27000 (free) | Information technology – Security techniques – Information security management systems – Overview and vocabulary | Published (2018) | Describes the overview and vocabulary of ISMS | 1 |
| ISO/IEC 27001 | Information technology – Security techniques – Information security management systems – Requirements | Published (2013) | Specifies the requirements for establishing, implementing, monitoring, and maintaining a documented ISMS within an organization. “Transition mapping” ISO/IEC 27023 provides a set of tables showing the correspondence between editions 1 and 2 of the standard | 1 |
| ISO/IEC 27002 | Information technology – Security techniques – Code of practice for information security controls | Published (2013) | Provides guidelines for information security management practices for use by those selecting, implementing, or maintaining ISMS. “Transition mapping” ISO/IEC 27023 provides a set of tables showing the correspondence between editions 1 and 2 of the standard | 1 |
| ISO/IEC 27006 | Information technology — Security techniques — Requirements for bodies providing audit and certification of information security management systems | Published (2015) | Specifies the general requirements that a third-party body operating ISMS (in accordance with ISO/IEC 27001:2005) certification/registration has to meet, if it is to be recognized as competent and reliable in the operation of ISMS certification/registration | 1 |
| ITU-T X.1051 / ISO/IEC 27011 | Information technology — Security techniques — Information security management guidelines for telecommunications organizations based on ISO/IEC 27002 | Published (2008) | This recommendation/international standard: a) establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in telecommunications organizations based on ISO/IEC 27002; b) provides an implementation baseline of Information Security Management within telecommunications organizations to ensure the confidentiality, integrity and availability of telecommunications facilities and services | 1 |
| ISO/IEC 18033-1 | Information technology – Security techniques – Encryption algorithms – Part 1: General | Published (2015) | Specifies encryption systems for the purpose of data confidentiality | 2 |
| ISO/IEC 19772 | Information technology – Security techniques – Authenticated encryption | Published (2009) | Specifies six methods for authenticated encryption with the security objectives of: data confidentiality; data integrity; data origin authentication | 2 |
| ISO/IEC 15408-1 (free) | Information technology – Security techniques – Evaluation criteria for IT security – Part 1: Introduction and general model | Published (2009, corrected and reprinted 2014) | Establishes the general concepts and principles of IT security evaluation, and specifies the general model of evaluation given by various other parts of ISO/IEC 15408 | 3 |
| ISO/IEC 19792 | Information technology – Security techniques – Security evaluation of biometrics | Published (2009) | Specifies the subjects to be addressed during the security evaluation of a biometric system | 3 |
| ISO/IEC 27031 | Information technology – Security techniques – Guidelines for information and communication technology readiness for business continuity | Published (2011) | Describes the concepts and principles of ICT readiness for business continuity and the method and framework needed to identify aspects in which to improve it | 4 |
| ISO/IEC 27034-1 | Information technology – Security techniques – Application security – Part 1: Overview and concepts | Published (2011) | Addresses the management needs for ensuring the security of applications and presents an overview of application security through the introduction of definitions, concepts, principles and processes | 4 |
| ISO/IEC 27035 | Information technology — Security techniques — Information security incident management | Published (2011) | Provides a structured and planned approach to: detect, report, and assess information security incidents; respond to and manage information security incidents; detect, assess, and manage information security vulnerabilities | 4 |
| ISO/IEC 27037 | Information technology – Security techniques – Guidelines for identification, collection, acquisition and preservation of digital evidence | Published (2012) | Provides guidance for the handling of digital evidence that could be of evidential value | 4 |
| ISO/IEC 24760-1 (free) | Information technology – Security techniques – A framework for identity management – Part 1: Terminology and concepts | Published (2011) | Provides a framework for the secure and reliable management of identities by: defining the terms for identity management; specifying the core concepts of identity and identity management | 5 |
| ISO/IEC 24761 | Information technology – Security techniques – Authentication context for biometrics | Published (2009) | Specifies the structure and data elements of Authentication Context for Biometrics (ACBio), which checks the validity of biometric verification process results | 5 |
| ISO/IEC 29100 (free) | Information technology – Security techniques – Privacy framework | Published (2011) | Provides a privacy framework that: specifies a common privacy terminology; describes privacy safeguarding considerations; provides references to known privacy principles for IT | 5 |
| ISO/IEC 29101 | Information technology – Security techniques – Privacy architecture framework | Published (2013) | Defines a privacy architecture framework that: specifies concerns for ICT systems that process PII; lists components for the implementation of such systems; provides architectural views contextualizing these components. Applicable to entities involved in specifying, procuring, designing, testing, maintaining, administering and operating ICT systems that process PII. Focuses primarily on ICT systems that are designed to interact with PII principals | 5 |
| ISO/IEC 24760-2 | Information technology – Security techniques – A framework for identity management – Part 2: Reference architecture and requirements | Published (2015) | Provides guidelines for the implementation of systems for the management of identity information and specifies requirements for the implementation and operation of a framework for identity management | |

Written by Anjar Priandoyo

April 19, 2020 at 5:49 pm

Posted in Science

ISO/IEC JTC 1/SC 7

ISO

| ISO/IEC Standard | Title | Status | Description | WG |
|---|---|---|---|---|
| ISO/IEC TR 19759 | Software Engineering – Guide to the Software Engineering Body of Knowledge (SWEBOK) | Published (2005) | Identifies and describes the subset of body of knowledge of software engineering that is generally accepted | 20 |
| ISO/IEC 15288 | Systems and software engineering – System life cycle processes | Published (2008) | Establishes a common framework for describing the life cycle of systems created by humans and defines a set of processes and associated terminology | 7 |
| ISO/IEC 12207 | Systems and software engineering – Software life cycle processes | Published (2008) | Establishes a common framework for software life cycle processes with well-defined terminology | 7 |
| ISO/IEC 20000-1 | Information technology – Service management – Part 1: Service management system requirements | Published (2011) | Specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain, and improve a service management system (SMS) | 25 |
| ISO/IEC 15504-1 | Information technology – Process assessment – Part 1: Concepts and vocabulary | Published (2004) | Provides overall information on the concepts of process assessment and its use in the two contexts of process improvement and process capability determination | 10 |
| ISO/IEC/IEEE 42010 | Systems and software engineering – Architecture description | Published (2011) | Addresses the creation, analysis, and sustainment of architectures of systems through the use of architecture descriptions | 42 |
| ISO/IEC TR 29110-1 | Software engineering – Lifecycle profiles for Very Small Entities (VSEs) – Part 1: Overview | Published (2011) | Introduces the characteristics and requirements of a VSE and clarifies the rationale for VSE-specific profiles, documents, standards, and guides | 24 |
| ISO/IEC TR 9126-2 | Software engineering – Product quality – Part 2: External metrics | Published (2003) | Provides external metrics for measuring attributes of six external quality characteristics defined in ISO/IEC 9126-1 | |
| ISO/IEC 10746-1 | Information technology – Open Distributed Processing – Reference model: Overview | Published (1998) | Provides an introduction and motivation for ODP, and an overview of the Reference Model of Open Distributed Processing (RM-ODP) and an explanation of its key concepts. Gives guidance on the application of RM-ODP | 19 |
| ISO/IEC 19770-1 | Information technology – Software asset management – Part 1: Processes and tiered assessment of conformance | Published (2012) | Establishes a baseline for an integrated set of processes for Software Asset Management (SAM), divided into tiers to allow for incremental implementation, assessment, and recognition | 21 |
| ISO/IEC 24744 | Software engineering — Metamodel for development methodologies | Published (2014) | Specifies a metamodel for development methodologies and related information | 19 |
| ISO/IEC/IEEE 26511 | Systems and software engineering — Requirements for managers of user documentation | Published (2011) | Specifies procedures for managing user documentation throughout the software life cycle | 2 |
| ISO/IEC/IEEE 26512 | Systems and software engineering — Requirements for acquirers and suppliers of user documentation | Published (2011) | Defines the documentation process from the acquirer’s standpoint and the supplier’s standpoint | 2 |
| ISO/IEC/IEEE 26513 | Systems and software engineering — Requirements for testers and reviewers of user documentation | Published (2009) | Defines the process in which user documentation products are tested | 2 |
| ISO/IEC/IEEE 26514 | Systems and software engineering — Requirements for designers and developers of user documentation | Published (2008) | Specifies the structure, content, and format for user documentation, and provides informative guidance for user documentation style | 2 |
| ISO/IEC/IEEE 26515 | Systems and software engineering — Developing user documentation in an agile environment | Published (2011) | Specifies the way in which user documentation can be developed in agile development projects | 2 |

Written by Anjar Priandoyo

April 19, 2020 at 5:44 pm

Posted in Science

ISO Standard

PROCESS ASSESSMENT/CAPABILITY
ISO/IEC 15504:2012 (Expired) Information technology – Process assessment, also termed Software Process Improvement and Capability Determination (SPICE)
ISO/IEC 33001:2015 Information technology – Process assessment – Concepts and terminology

ISO 21500:2012 (1st Project Management)
The first in a family of project management standards, aligned with related standards such as:
– ISO 10005:2005 Quality management systems − Guidelines for quality plans,
– ISO 10006:2003 Quality management systems − Guidelines for quality management in projects,
– ISO 10007:2003 Quality management systems − Guidelines for configuration management,
– ISO 31000:2009 Risk management – Principles and guidelines

RISK MANAGEMENT
ISO 31000:2009 (1st)
ISO 31000:2018 (2nd)

QUALITY ASSURANCE
– ISO/IEC 9126:1991
– ISO/IEC 9126:2001
– ISO/IEC 25010:2011 Systems and software engineering – Systems and software Quality Requirements and Evaluation (SQuaRE) – System and software quality models

SOFTWARE LIFE CYCLE PROCESSES
ISO/IEC/IEEE 12207 Systems and software engineering – Software life cycle processes
ISO/IEC 12207:2008
ISO/IEC 12207:1995

ISO/IEC 27000 Information Security Management Systems (ISMS)
ISO 27001:2005, 2013

ISO/IEC 20000 IT Service Management
ISO 20000:2005, 2011, 2012

ISO/IEC 15288:2015 Systems engineering standard covering processes and lifecycle stages.
ISO/IEC 15288:2008 (harmonized with ISO/IEC 12207:2008)
ISO/IEC 15288:2002 (first edition)

Written by Anjar Priandoyo

April 19, 2020 at 5:00 pm

Posted in Science

ISO Standard

ISO/IEC 17025 General requirements for the competence of testing and calibration laboratories

ISO 20022 is an ISO standard for electronic data interchange between financial institutions. ISO 20022 is the successor to ISO 15022; originally ISO 20022 was called ISO 15022 2nd Edition. ISO 15022 was the successor of ISO 7775.

ISO/IEC 7816 is an international standard related to electronic identification cards with contacts, especially smart cards, managed jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Created and updated in 1987, 1998, 2003 and 2011.

ISO 8583 is an ISO standard for financial transaction card originated interchange messaging. It is for systems that exchange electronic transactions initiated by cardholders using payment cards.

Others:

ISO/IEC/IEEE 12207 Systems and software engineering – Software life cycle processes (1995)

ISO/IEC TS 22237-1:2018 Information technology — Data centre facilities and infrastructures — Part 1: General concepts

Written by Anjar Priandoyo

April 14, 2020 at 4:55 pm

Posted in Science

ISO 27001

Interesting. Actually, I have had my eye on this certification for a long time, but it seems I am still weighing the pros and cons.

Written by Anjar Priandoyo

March 20, 2020 at 5:08 pm

Posted in Science

ISO Standard

ISO Standard

Written by Anjar Priandoyo

February 8, 2020 at 7:39 am

Posted in Science