Cybersecurity and Privacy

  Group Description  
The scope of the INCITS/Cybersecurity and Privacy Technical Committee is focused on the development of international standards in information security, cybersecurity, and privacy protection. This includes generic methods, techniques, and guidelines to address both security and privacy aspects, such as:

Management of cybersecurity; in particular, information security management system (ISMS) standards, security processes, security controls and services.
Cryptographic and other security mechanisms, including but not limited to mechanisms for protecting the accountability, availability, integrity and confidentiality of information.
Security management support documentation including terminology, guidelines as well as procedures for the registration of security components.
Security aspects of identity management, biometrics, and privacy.
Conformance assessment, accreditation, and auditing requirements in the area of information security management systems.
Security evaluation criteria and methodology and security requirements for cryptographic modules.
Security requirements capture methodology.

The scope of INCITS/Cybersecurity and Privacy also includes the development of U.S. standards in information security, cybersecurity, and privacy protection. Additionally, INCITS/Cybersecurity and Privacy can collaborate with other INCITS Technical
Committee to ensure that security and privacy are adequately addressed in U.S. standards that do not have information security, cybersecurity, and privacy protection as a primary focus.

The scope of INCITS/Cybersecurity and Privacy explicitly excludes the areas of work on cyber security standardization presently underway in INCITS B10, M1, T3, T10 and T11 as well as other standard groups, such as ATIS, IEEE, IETF, TIA, and X9.

Note: INCITS/Cybersecurity and Privacy was previously known as INCITS/CS1.