Abstract

ISO/IEC 15408-2:2008 defines the content and presentation of the security functional requirements to be assessed in a security evaluation using ISO/IEC 15408. It contains a comprehensive catalogue of predefined security functional components that will meet most common security needs of the marketplace. These are organized using a hierarchical structure of classes, families and components, and supported by comprehensive user notes.

ISO/IEC 15408-2:2008 also provides guidance on the specification of customized security requirements where no suitable predefined security functional components exist.


General information 

  • Status
     :  Withdrawn
    Publication date
     : 2008-08
    Corrected version (en)
     : 2011-05
  • Edition
     : 3
    Number of pages
     : 218
  • Technical Committee
     : ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection
  • ICS
     :
    35.030 IT Security

Life cycle


Got a question?

Check out our FAQs

Customer care
+41 22 749 08 88

Opening hours:
Monday to Friday - 09:00-12:00, 14:00-17:00 (UTC+1)

Keep up to date with ISO

Sign up to our newsletter for the latest news, views and product information.

  2. Store
  3. Standards catalogue
  4. ICS
  5. 35
  6. 35.030
  7. ISO/IEC 15408-2:2008