InterNational Committee for Standards (INCITS) Secretariat: Information Technology Industry Council (ITI) 1101 K Street NW, Suite 610, Washington, DC 20005 www.INCITS.org

eb-2019-00359

Document Date: 08/08/2019 To: INCITS Members Reply To: Deborah J. Spittle Subject: Public Review and Comments Register for the Adoption of:

Due Date: The public review is from August 9, 2019 to October 8, 2019.

The InterNational Committee for Information Technology Standards (INCITS) announces that the Action: subject-referenced document(s) is being circulated for a 60-day public review and comment period. Comments received during this period will be considered and answered. Commenters who have objections/suggestions to this document should so indicate and include their reasons.

All comments should be forwarded not later than the date noted above to the following address:

INCITS Secretariat/ITI 1101 K Street NW - Suite 610 Washington DC 20005-3922 Email: [email protected] (preferred)

This public review also serves as a call for patents and any other pertinent issues (copyrights, trademarks). Correspondence regarding intellectual property rights may be emailed to the INCITS Secretariat at [email protected].

INCITS/ISO/IEC 11770- Information technology -- Security techniques -- management -- Part 6: Key 6:2016[201x] derivation INCITS/ISO/IEC Information technology — Security techniques — Random bit generation 18031:2011/AM AMENDMENT 1: Deterministic random bit generation 1:2017[201x] INCITS/ISO/IEC 18370- Information technology -- Security techniques -- Blind digital signatures -- Part 1: 1:2016[201x] General INCITS/ISO/IEC 19592- Information technology -- Security techniques -- Secret sharing -- Part 1: General 1:2016[201x] INCITS/ISO/IEC 19592- Information technology -- Security techniques -- Secret sharing -- Part 2: 2:2017[201x] Fundamental mechanisms INCITS/ISO/IEC 19896- IT security techniques -- Competence requirements for information security testers 2:2018[201x] and evaluators -- Part 2: Knowledge, skills and effectiveness requirements for ISO/IEC 19790 testers INCITS/ISO/IEC 19896- IT security techniques -- Competence requirements for information security testers 3:2018[201x] and evaluators -- Part 3: Knowledge, skills and effectiveness requirements for ISO/IEC 15408 evaluators INCITS/ISO/IEC Privacy enhancing data de-identification terminology and classification of 20889:2018[201x] techniques INCITS/ISO/IEC Information technology -- Security techniques -- Information security management 27004:2016[201x] -- Monitoring, measurement, analysis and evaluation INCITS/ISO/IEC Information technology -- Security techniques -- Information security risk 27005:2018[201x] management INCITS/ISO/IEC Information technology - Security techniques - Code of practice for Information 27011:2016/COR security controls based on ISO/IEC 27002 for telecommunications organizations 1:2018[201x] TECHNICAL CORRIGENDUM 1 INCITS/ISO/IEC Information technology -- Security techniques -- Code of practice for protection of 27018:2019[201x] personally identifiable information (PII) in public clouds acting as PII processors INCITS/ISO/IEC 27034- Information technology -- Application security -- Part 3: Application security 3:2018[201x] management process INCITS/ISO/IEC 27034- Information technology -- Security techniques -- Application security -- Part 5: 5:2017[201x] Protocols and application security controls data structure INCITS/ISO/IEC 27034- Information technology -- Security techniques -- Application security -- Part 6: 6:2016[201x] Case studies INCITS/ISO/IEC 27034- Information technology -- Application security -- Part 7: Assurance prediction 7:2018[201x] framework INCITS/ISO/IEC 27035- Information technology -- Security techniques -- Information security incident 1:2016[201x] management -- Part 1: Principles of incident management INCITS/ISO/IEC 27035- Information technology -- Security techniques -- Information security incident 2:2016[201x] management -- Part 2: Guidelines to plan and prepare for incident response INCITS/ISO/IEC 27036- Information technology -- Security techniques -- Information security for supplier 1:2014[201x] relationships -- Part 1: Overview and concepts INCITS/ISO/IEC 27036- Information technology -- Security techniques -- Information security for supplier 2:2014[201x] relationships -- Part 2: Requirements INCITS/ISO/IEC 27036- Information technology -- Security techniques -- Information security for supplier 3:2013[201x] relationships -- Part 3: Guidelines for information and communication technology supply chain security INCITS/ISO/IEC 27036- Information technology -- Security techniques -- Information security for supplier 4:2016[201x] relationships -- Part 4: Guidelines for security of cloud services INCITS/ISO/IEC 27050- Information technology -- Security techniques -- Electronic discovery -- Part 1: 1:2016[201x] Overview and concepts INCITS/ISO/IEC 27050- Information technology -- Electronic discovery -- Part 2: Guidance for governance 2:2018[201x] and management of electronic discovery INCITS/ISO/IEC Information technology - Security techniques - Privacy framework Amendment 1: 29100:2011/AM1:2018[201x] Clarifications INCITS/ISO/IEC Information technology -- Security techniques -- Privacy architecture framework 29101:2018[201x] INCITS/ISO/IEC Information technology -- Security techniques -- Guidelines for privacy impact 29134:2017[201x] assessment INCITS/ISO/IEC Information technology -- Security techniques -- A framework for access 29146:2016[201x] management INCITS/ISO/IEC Information technology -- Security techniques -- Vulnerability disclosure 29147:2018[201x] INCITS/ISO/IEC 19896- IT security techniques -- Competence requirements for information security testers 1:2018[201x] and evaluators -- Part 1: Introduction, concepts and general requirements INCITS/ISO/IEC 18013- Information technology -- Personal identification -- ISO-compliant driving license -- 1:2018[201x] Part 1: Physical characteristics and basic data set INCITS/ISO/IEC 7811- Identification cards -- Recording technique -- Part 7: Magnetic stripe: High 7:2018[201x] coercivity, high density INCITS/ISO/IEC 7816- Identification cards -- cards -- Part 11: Personal verification 11:2017[201x] through biometric methods INCITS/ISO/IEC 7816- Identification cards -- Integrated circuit cards -- Part 15: Cryptographic information 15:2016[201x] application INCITS/ISO/IEC 7816- Identification cards -- Integrated circuit cards -- Part 6: Interindustry data elements 6:2016[201x] for interchange INCITS/ISO/IEC 7816- Identification cards -- Integrated circuit cards -- Part 9: Commands for card 9:2017[201x] management INCITS/ISO/IEC 7816- Identification cards -- Integrated circuit cards -- Part 8: Commands and 8:2016[201x] mechanisms for security operations INCITS/ISO/IEC Information technology -- Security techniques -- Guidelines for information security 27007:2017[201x] management systems auditing INCITS/ISO/IEC 10118- Information technology -- Security techniques -- Hash-functions -- Part 1: General 1:2016[201x] INCITS/ISO/IEC 10118- IT Security techniques -- Hash-functions -- Part 3: Dedicated hash-functions 3:2018[201x] INCITS/ISO/IEC 11770- IT Security techniques -- -- Part 2: Mechanisms using 2:2018[201x] symmetric techniques INCITS/ISO/IEC Information technology -- Security techniques -- Code of practice for Information 27011:2016[201x] security controls based on ISO/IEC 27002 for telecommunications organizations INCITS/ISO/IEC 9798- IT Security techniques -- Entity -- Part 3: Mechanisms using digital 3:2019[201x] signature techniques INCITS/ISO/IEC 11889- Information technology -- Trusted platform module library -- Part 1: Architecture 1:2015[201x] INCITS/ISO/IEC 11889- Information technology -- Trusted Platform Module Library -- Part 2: Structures 2:2015[201x] INCITS/ISO/IEC 11889- Information technology -- Trusted Platform Module Library -- Part 3: Commands 3:2015[201x] INCITS/ISO/IEC 11889- Information technology -- Trusted Platform Module Library -- Part 4: Supporting 4:2015[201x] Routines INCITS/ISO/IEC Information technology -- Digitally recorded media for information interchange and 16963:2017[201x] storage -- Test method for the estimation of lifetime of optical disks for long-term data storage INCITS/ISO/IEC 24752- Information technology -- User interfaces -- -- Part 1: 1:2014[201x] General framework INCITS/ISO/IEC 24752- Information technology -- User interfaces -- Universal remote console -- Part 2: 2:2014[201x] User interface socket description INCITS/ISO/IEC 24752- Information technology -- User interfaces -- Universal remote console -- Part 4: 4:2014[201x] Target description INCITS/ISO/IEC 24752- Information technology -- User interfaces -- Universal remote console -- Part 5: 5:2014[201x] Resource description INCITS/ISO/IEC Information technology -- Digitally recorded media for information interchange and 29121:2018[201x] storage -- Data migration method for optical disks for long-term data storage INCITS/ISO/IEC 14496- Information technology -- Coding of audio-visual objects -- Part 15: Carriage of 15:2017[201x] network abstraction layer (NAL) unit structured video in the ISO base media file format INCITS/ISO/IEC 18041- Information technology -- Computer graphics, image processing and 4:2016[201x] environmental data representation -- Environmental Data Coding Specification (EDCS) language bindings -- Part 4: INCITS/ISO/IEC 19776- Information technology -- Computer graphics, image processing and 2:2015[201x] environmental data representation -- Extensible 3D () encodings -- Part 2: Classic VRML encoding INCITS/ISO Geographic information -- Spatial referencing by geographic identifiers 19112:2019[201x] INCITS/ISO 19115- Geographic information -- Metadata -- Part 2: Extensions for acquisition and 2:2019[201x] processing INCITS/ISO/IEC Information technology -- Lossy/lossless coding of bi-level images 14492:2019[201x] INCITS/ISO/IEC 14496- Information technology -- Coding of audio-visual objects -- Part 11: Scene 11:2015[201x] description and application engine INCITS/ISO/IEC 14496- Information technology -- Coding of audio-visual objects -- Part 12: ISO base 12:2015[201x] media file format INCITS/ISO/IEC 14496- Information technology -- Coding of audio-visual objects -- Part 22: Open Font 22:2019[201x] Format INCITS/ISO/IEC 15444- Information technology -- JPEG 2000 image coding system: Reference software 5:2015[201x] INCITS/ISO/IEC 15444- Information technology -- JPEG 2000 image coding system: Core coding system 1:2016[201x] INCITS/ISO/IEC 13818- Information technology -- Generic coding of moving pictures and associated audio 1:2019[201X] information -- Part 1: Systems INCITS/ISO/IEC 24709- Information technology -- Conformance testing for the biometric application 1:2017[201x] programming interface (BioAPI) -- Part 1: Methods and procedures INCITS/ISO/IEC 29109- Information technology -- Conformance testing methodology for biometric data 5:2019[201x] interchange formats defined in ISO/IEC 19794 -- Part 5: Face image data INCITS/ISO/IEC Information technology -- Open distributed processing -- Reference model -- 15414:2015[201x] Enterprise language INCITS/ISO/IEC 8824- Information technology -- Abstract Syntax Notation One (ASN.1): Specification of 1:2015[201x] basic notation INCITS/ISO/IEC 8824- Information technology -- Abstract Syntax Notation One (ASN.1): Information 2:2015[201x] object specification INCITS/ISO/IEC 8824- Information technology -- Abstract Syntax Notation One (ASN.1): Constraint 3:2015[201x] specification INCITS/ISO/IEC 8824- Information technology -- Abstract Syntax Notation One (ASN.1): 4:2015[201x] Parameterization of ASN.1 specifications INCITS/ISO/IEC 8825- Information technology -- ASN.1 encoding rules: Specification of Basic Encoding 1:2015[201x] Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) INCITS/ISO/IEC 8825- Information technology -- ASN.1 encoding rules: Specification of Packed Encoding 2:2015[201x] Rules (PER) INCITS/ISO/IEC 8825- Information technology -- ASN.1 encoding rules: Specification of Encoding Control 3:2015[201x] Notation (ECN) INCITS/ISO/IEC 8825- Information technology -- ASN.1 encoding rules: XML Encoding Rules (XER) 4:2015[201x]