Codes & Standards - Purchase

IEC TR 80001-2-9:2017

Application of risk management for IT-networks incorporating medical devices - Part 2-9: Application guidance - Guidance for use of security assurance cases to demonstrate confidence in IEC TR 80001-2-2 security capabilities

SKU: iec_031953_101574 Published by IEC Publication Year 2017 1.0 Edition 35 pages

Product Details

Overview

IEC TR 80001-2-9:2017(E) establishes a security case framework and provides guidance to health care delivery organizations (HDO) and medical device manufacturers (MDM) for identifying, developing, interpreting, updating and maintaining security cases for networked medical devices. Use of this part of 80001 is intended to be one of the possible means to bridge the gap between MDMs and HDOs in providing adequate information to support the HDOs risk management of IT-networks. This document leverages the requirements set out in ISO/IEC 15026-2 for the development of assurance cases. It is not intended that this security case framework will replace a risk management strategy, rather, the intention is to complement risk management and in turn provide a greater level of assurance for a medical device by:
- mapping specific risk management steps to each of the IEC TR 80001-2-2 security capabilities, identifying associated threats and vulnerabilities and presenting them in the format of a security case with the inclusion of a re-useable security pattern;
- providing guidance for the selection of appropriate security controls to establish security capabilities and presenting them as part of the security case pattern (IEC TR 80001-2-8 provides examples of such security controls);
- providing evidence to support the implementation of a security control, hence providing confidence in the establishment of each of the security capabilities.
The purpose of developing the security case is to demonstrate confidence in the establishment of IEC TR 80001-2-2 security capabilities. The quality of artifacts gathered and documented during the development of the security case is agreed and documented as part of a responsibility agreement between the relevant stakeholders. This document provides guidance for one such methodology, through the use of a specific security pattern, to develop and interpret security cases in a systematic manner.

Language

English

Format

PDF

GST REG No R119441681
QST REG No R1006017360

Features	CSA Advantage^TM	CSA OnDemand^TM
Offline access
Full-text search
Create highlights and personal notes
Newest editions added automatically
Includes all supported languages and archive versions
My Files - create customized files by adding multiple clauses, tables or figures from the standard into your own personal File for quick reference
Toggle between your files and the full standard to maintain context
Instantly preview cross referenced material within the book
Export personal notes to Excel
Transfer notes and highlights when updates are available
Adobe Reader PDF and browser compatible for iOS and Android
Web, Android, iOS Compatible

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

en

fr

Catalogue

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Subscription

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

Services

en

fr

Codes & Standards - Purchase

IEC TR 80001-2-9:2017

Product Details

Language

Format

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

Language

en

fr

Currency

CAD

USD

Catalogue

Browse By Subject Area

Browse By Publisher

ICS Catalogue

Subscription

Browse By Subject Area

CSA Subscriptions

ICS Catalogue

Services

Language

en

fr

Currency

CAD

USD

Search Section

Codes & Standards - Purchase

IEC TR 80001-2-9:2017

Product Details

Language

Format