CHAPTER-11.    INFORMATION TECHNOLOGY

JS ISO/IEC TR 12785-3 : 2012

Information technology — Learning, education, and training — Content packaging —  Part 3: Best practice and implementation guide

Presents use cases and shows how they are satisfied by ISO/IEC 12785-1 which is derived from the IMS Global Learning Consortium (GLC) Content Packaging version 1.2 (v1.2).

Though not exhaustive, the range of use cases presented in this part of ISO/IEC 12785 illustrate how the most common issues in the creation, management, and playback of learning material can be addressed by the ISO/IEC 12785 series. The use cases were contributed by various implementers and users of the IMS Content Packaging and are based on years of practice. ISBN 978-976-604-570-8

JS ISO/IEC/IEEE 16326: 2009

Systems and software engineering —Lifecycle processes — Project management

Is intended to aid project managers in managing to the successful conclusion those

projects concerned with software-intensive systems and software products.

This International Standard specifies the required content of the project management plan (PMP). This International Standard also quotes the extracted purpose and outcome statements from the project processes of ISO/IEC 12207:2008 (IEEE Std 12207-2008) and ISO/IEC 15288:2008 (IEEE Std 15288-2008), and adds detailed guidance for managing projects that use these processes for software products and software-intensive systems.

ISBN 978-976-604-537-1

JS ISO/IEC 19788-3 : 2011

Information technology — Learning, education and training —
Metadata for learning resources —Part 3:
Basic
application profile

Specifies metadata elements and their attributes for the description of learning resources. This includes the rules governing the identification of data elements and the specification of their attributes.. ISO/IEC 19788 provides data elements for the description of learning resources and resources directly related to learning resources. ISBN 978-976-604-571-5

JS ISO/IEC 19788-5 : 2012

Information technology -- Learning, education and training
-- Metadata for learning resources – Part 5: Educational elements

Specifies, in a rule-based manner, metadata elements and their attributes for the description of learning resources. This includes the rules governing the identification of metadata elements and the specification of metadata attributes. These metadata elements are used to form the description of a learning resource, i.e. as a metadata learning resource (MLR) record.This part of ISO/IEC 19788 specifies, using the framework specified in ISO/IEC 19788-1, educational aspects of learning resources across various educational, cultural and linguistic settings.  ISBN 978-976-604-572-2

JS ISO/IEC 24751-3: 2008

accessibility in e-learning, education
Information technology — Individualized adaptability and
and training —
Part 3: “Access for all” digital resource description

Is intended to meet the needs of learners with disabilities and anyone who is disabled by their context. This part of ISO/IEC 24751 provides a common language to describe digital learning resources to facilitate matching of those resources to learners’ accessibility needs and preferences. ISBN 978-976-604-573-9

JS ISO/IEC 24762: 2008

Information technology — Security techniques —Guidelines for information and communications technology disaster recovery services

Describes the basic practices which ICT DR service providers, both in-house and outsourced, should consider. It covers the requirements that service providers should meet, recognizing that individual organizations may have additional requirements that are specific to them (which would have to be addressed in the agreements/contracts with service providers). Examples of such organization requirements may include special encryption software and secured operation procedures, equipment, knowledgeable personnel and application documentation. Such additional organization specific requirements, if necessary, are generally negotiated on a case-by-case basis and are the subject of detailed contract negotiations between organizations and their ICT DR service providers and are not within the scope of this International Standard

ISBN 978-976-604-542-5

JS ISO/IEC TR 24763 : 2011

Information technology — Learning, education and training — Conceptual Reference Model for Competency Information and Related Objects

Provides a Conceptual Reference Model that comprises categories of items, attributes,
and relationships. It can be used to identify the relationships between concepts represented within an information technology for learning, education
and training (ITLET) system, such as competency, knowledge, skills, capabilities, qualifications, performance, and learning objectives. It can be used to identify related objects that are used to convey competency information. ISBN 978-976-604-569-2

JS ISO/IEC 27000: 2009

Information technology — Security techniques —Information security management systems —Overview and vocabulary

Provides:

a) an overview of the ISMS family of standards;

b) an introduction to information security management systems (ISMS);

c) a brief description of the Plan-Do-Check-Act (PDCA) process; and

d) terms and definitions for use in the ISMS family of standards.

This International Standard is applicable to all types of organization (e.g. commercial enterprises, government agencies, non-profit organizations).

ISBN 978-976-604-543-2

JS ISO/IEC 27001: 2017

Jamaican Standard Specification for  Information technology Security techniques  Information security management systems – Requirements

This specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. This standard also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. These International Standards are generic and are intended to be applicable to all organizations, regardless of type, size or nature.

ISBN 978-976-604-833-4

JS ISO/IEC 27002: 2017

Jamaican Standard Specification for Information technology — Security techniques — Code of practice for information security control

This international standard give guidelines for organizational security standard and information security management practices including the selection, implementation and management of controls taking into consideration the organization’s information security risk environment(s).

ISBN 978-976-604-834-1

JS ISO/IEC 27003: 2010

Information technology — Security techniques —Information security management system implementation guidance

Focuses on the critical aspects needed for successful design and implementation of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes the process of ISMS specification and design from inception to the production of implementation plans. It describes the process of obtaining management approval to implement an ISMS, defines a project to implement an ISMS (referred to in this International Standard as the ISMS project), and provides guidance on how to plan the ISMS project, resulting in a final ISMS project implementation plan.

This International Standard is intended to be used by organizations implementing an ISMS. It is applicable to all types of organization (e.g. commercial enterprises, government agencies, non-profit organizations) of all sizes.

ISBN 978-976-604-544-9

JS ISO/IEC 27004: 2009

Information technology Security techniques Information security management Measurement

Provides guidance on the development and use of measures and measurement in

order to assess the effectiveness of an implemented information security management system (ISMS) and controls or groups of controls, as specified in ISO/IEC 27001.

This International Standard is applicable to all types and sizes of organization.

ISBN 978-976-604-545-6

JS ISO/IEC 27005: 2011

Information technology Security techniques Information security risk management

Provides guidelines for information security risk management.

This International Standard supports the general concepts specified in ISO/IEC 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach. This International Standard is applicable to all types of organizations (e.g. commercial enterprises ,government agencies, non-profit organizations) which intend to manage risks that could compromise the organization’s information security.

ISBN 978-976-604-546-3

JS ISO/IEC/TR  27008: 2010

 Information technology — Security techniques — Guidelines for auditors on information security controls

Provides guidance on reviewing the implementation and operation of controls, including technical compliance checking of information system controls, in compliance with an organization's established information security standards.

This Technical Report is applicable to all types and sizes of organizations, including public and private companies, government entities, and not-for-profit organizations conducting information security reviews and technical compliance checks. This Technical Report is not intended for management systems audits.

ISBN 978-976-604-552-4

 JS ISO/IEC 27010: 2012

 Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications

Provides guidelines in addition to guidance given in the ISO/IEC 27000 family of standards for implementing information security management within information sharing communities.

This International Standard provides controls and guidance specifically relating to initiating, implementing, maintaining, and improving information security in inter-organizational and inter-sector communications.

This International Standard is applicable to all forms of exchange and sharing of sensitive information, both public and private, nationally and internationally, within the same industry or market sector or between sectors. In particular, it may be applicable to information exchanges and sharing relating to the provision, maintenance and protection of an organization’s or nation state’s critical infrastructure.

ISBN 978-976-604-553-1

JS ISO/IEC 27031: 2011

Information technology — Security techniques —Guidelines for information and communication technology readiness for business continuity

Describes the concepts and principles of information and communication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to

identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity (IRBC) program, and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity(including security) of critical business functions. It also enables an organization to measure performance

parameters that correlate to its IRBC in a consistent and recognized manner.

The scope of this International Standard encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.

ISBN 978-976-604-554-8

JS ISO/IEC 27032: 2012

Information technology Security techniques Guidelines for cybersecurity

Is applicable to providers of services in the Cyberspace. The audience, however, includes the consumers that use these services. Where organizations provide services in the Cyberspace to people for use at home or other organizations, they may need to prepare guidance based on this International Standard that

contains additional explanations or examples sufficient to allow the reader to understand and act on it. This International Standard does not address:

— Cybersafety,

— Cybercrime,

— CIIP,

— Internet safety, and

Internet related crime.

ISBN 978-976-604-555-5

JS ISO/IEC 27033 -1: 2009

Information technology — Security techniques —Network security —

Part 1: Overview and concepts

Provides an overview of network security and related definitions. It defines and

describes the concepts associated with, and provides management guidance on, network security. (Network security applies to the security of devices, security of management activities related to the devices, applications/services, and end-users, in addition to security of the information being transferred across the communication links.)

It is relevant to anyone involved in owning, operating or using a network. This includes senior managers and other non-technical managers or users, in addition to managers and administrators who have specific responsibilities for information security and/or network security, network operation, or who are responsible for an organization’s overall security program and security policy development. It is also relevant to anyone involved in the planning, design and implementation of the architectural aspects of network security.

ISBN 978-976-604-556-2

 JS ISO/IEC 27033 -2: 2012

Information technology — Security techniques — Network security Part 2: Guidelines for the design and implementation of network security

Gives guidelines for organizations to plan, design, implement and document network security.

ISBN 978-976-604-557-9

 

 

 JS ISO/IEC 27033 -3: 2010

Information technology — Security techniques — Network security —

Part 3: Reference networking scenarios — Threats, design techniques and control issues

Describes the threats, design techniques and control issues associated with reference network scenarios. For each scenario, it provides detailed guidance on the security threats and the security design techniques and controls required to mitigate the associated risks. Where relevant, it includes references to ISO/IEC 27033-4 to ISO/IEC 27033-6 to avoid duplicating the content of those documents.

ISBN 978-976-604-558-6

 JS ISO/IEC 27035: 2011

Information technology — Security techniques — Information security incident management

Provides a structured and planned approach to: detect, report and assess information security incidents; respond to and manage information security incidents; detect, assess and manage information security vulnerabilities; and continuously improve information security and incident management as a result of managing information security incidents and vulnerabilities. This International Standard provides guidance on information security incident management for large and medium-sized organizations. Smaller organizations can use a basic set of documents, processes and routines described in this International Standard, depending on their size and type of business in relation to the information security risk situation. It also provides guidance for external organizations providing information security incident management services.

ISBN 978-976-604-559-3

JS ISO  /IEC TR 29138-1:2009

Information technology -- Accessibility considerations for people with disabilities -- Part 1: User needs summary

Identifies a collection of user needs of people with disabilities for standards developers to take into consideration when developing or revising their standards. These user needs are also

useful for developers of information technology products and services and for accessibility advocates to consider. In addition to identifying user needs, this part of ISO/IEC TR 29138 identifies problems.

ISBN 978-976-604-547-0

JS ISO /IEC TR 29138-2:2009   

Information technology -- Accessibility considerations for people with disabilities -- Part 2: Standards inventory

Identifies a collection of documents (which it refers to as standards even

though they encompass more than traditional ISO and ISO/IEC standards) that provides guidance on meeting the needs of people with disabilities. While its primary audience is standards developers, it can also be helpful for developers of information technology products and services, policy makers, procurers and for accessibility advocates to consider.

ISBN 978-976-604-548-7

JS ISO/IEC TR 29138-3: 2009

Information technology Accessibility considerations for people with disabilities Part 3: Guidance on user needs mapping

Provides guidance on the mapping of the set of user needs with the provisions

of  a particular standard, technical report, or set of guidelines. It provides both basic guidance that should be used for all user needs mapping and optional guidance that may be added to the basic guidance. User needs mapping is a voluntary activity intended to help improve accessibility for all users and in particular for users with special needs that might otherwise be overlooked. User needs mapping is not intended to be used to evaluate, certify, or otherwise judge a given standard or set of guidelines.

ISBN 978-976-604-549-4

 JS ISO/IEC TR 29149: 2012

Information technology — Security techniques — Best practices for the provision and use of time-stamping services

Explains how to provide and use time-stamping services so that time-stamp tokens are effective when used to provide timeliness, data integrity, and non-repudiation services in conjunction with other mechanisms. It defines:

how time-stamp requesters should use time-stamp token generation services;

how TSAs (time-stamping authorities) should provide a service of guaranteed quality;

how TSAs should deserve trust based on good practices;

which algorithms and parameters should be used in TST (time-stamp token) generation and TST renewal, so that TSTs resist during the time period during which the TSTs can be verified as being valid;

how time-stamp verifiers should use the time-stamp token verification services, both when validating individual TSTs, and when validating sequences of renewal TSTs.

ISBN 978-976-604-550-0

Have you found this information useful ?
Please share your feedback below and help us improve our content.