Azerbaijan to adopt new standards on information security and IT-Terminology
Azerbaijan, Baku, Sept.18 / Trend H. Valiyev /
Information Technologies Technical Committee's Annual Plan for 2010 will be executed, the State Statistics Committee's technical regulation and standardization department head Sabig Abdullayev said at a press conference.
According to him, a number of standards on information technologies has already been registered, and the adoption of the rest standards is expected by late 2010. All of the standards meet ISO requirements.
According to the plan of activities, six standards for information security will be adopted by late 2010. They are (ISO / IEC 27000:2009, ISO / IEC 27003:2010, ISO / IEC 27004: 2009, ISO / IEC 27006:2007, ISO / IEC 27033-1: 2009 and ISO / IEC 17025:2005) and the three standards on IT-Terminology (ISO / IEC 2382-7:2000, ISO / IEC 2382-28:1995 and ISO / IEC 2382-34:1999).
At present, Azerbaijan has national standards of IT-Security AZS 356.2-2009 and AZS 356.3-2009, which were registered on May 18 2009 and came into force June 1. The national standard AZS 356.1-2009, which was designed on the basis of the first part of international standard ISO/IEC 15408-2008, are in use since April 20, 2009. This standard ensures application of methods and technologies of information security, as well as assessment criteria for IT security.
The standard includes information security, intellectual property copyrights, prevention of information security danger.
Application of harmonized standard ISO 15408 (Common Criteria), reflecting the most advanced global achievements in appraising information security, will enable to accustom IT to modern international requirements on information security, further simplifying application of foreign products and export and property.The standard will also provide basis for qualitative estimation of information risks, needed in insuring computerized system and reduce common expenses for supporting information security regime through unifying methods, measures and means of information security.