TCSEC

The US Department of Defense published its Trusted Computer System Evaluation Criteria standard in December 1985, which allows qualifying information systems on the basis of security aspects. This standard is still applied and obligatory in the field of information technology purchases for government and defense systems in the USA.
TCSEC classifies IT systems into four groups on the basis of security aspects, qualifying the effectiveness of security control built in the information processing systems on the basis of protection levels of different strengths. Currently the D, C1, C2, B1, B2, B3 and A1 classes are applied, where D represents the minimal, and A1 the highest level of proven individual protection. The classification requires qualification to be performed in four areas: security policy, accountability, assurance and documentation.

TCSEC
ITSEC
Common Criteria 2.1 (ISO/IEC 15408:1999)
ITIL 2. (BS 15000:2000)
BS 7799-1 (ISO/IEC 17799:2000)
BS 7799-2
ISO 9000-3
COBIT 3

Print page

Top of the page

Back