Provides guidance and criteria for the security evaluation of operational systems. Provides an extension to the scope of ISO/IEC 15408 (ISO/IEC 15408-1, ISO/IEC 15408-2 and ISO/IEC 15408-3 have been published in South Africa as identical adoptions under
SANS 19791:2007 history
2007SANS 19791:2007 Information technology - Security techniques - Security assessment of operational systems