• Sectors
• Communications, Information Technology and e-Commerce Services
• IT-012 Information Systems, Security and Identification Technology

The committee's charter is defined in its Terms Of Reference [PDF].
Terms of Reference is subject to change

Active Projects0

Constitution0

International Relationships0

Published Standards0

Sub Committees0

Active Projects 3

Constitution 19

International Relationships 1

Published Standards 35

Sub Committees 3

• This is a list of projects currently being worked on by Standards Australia's Standards Development Team.

  Project Code

  Project Title

  • AS ISO/IEC 27011

    Information technology - Security techniques –Information security control guidelines based on ISO/IEC 27002 for telecommunications organizations

    Project Start Date

     18/01/2017

    Project Type

     International Adoption - Identical

    Product Type

     Standard

    Project Status

     Active

    Expected Completion Date

     10/05/2017

    Project Committee

     IT-012

  • AS ISO/IEC 27035.1

    Information technology -- Security techniques -- Information security incident management -- Part 1: Principles of incident management

    Project Start Date

     06/01/2017

    Project Type

     International Adoption - Identical

    Product Type

     Standard

    Project Status

     Active

    Expected Completion Date

     24/04/2017

    Project Committee

     IT-012

  • AS ISO/IEC 27035.2

    Information technology - Security techniques - Information security incident management - Part 2: Guidelines to plan and prepare for incident response

    Project Start Date

     06/01/2017

    Project Type

     International Adoption - Identical

    Product Type

     Standard

    Project Status

     Active

    Expected Completion Date

     24/04/2017

    Project Committee

     IT-012

• The constitution of a Technical Committee consists of the Nominating Organisations that represent various interest groups across the industries. These Nominating Organisations are currently participating in Standards Australia’s Standards Development activity. The Nominating Organisation appoints a representative to represent the views of that organisation’s interest group during the development of a Standard.

  Constitution

   

  Australian Banking Association

  Australian Chamber of Commerce and Industry

  Australian Federal Police

  Australian Industry Group

  Australian Information Industry Association

  Australian Information Security Association

  Australian Payments Network Limited

  Australian Security Industry Association Limited

  Australian Services Roundtable

  Consumers Federation of Australia

  Co-opted Member/Former chairperson

  Department of Defence (Australian Government)

  Engineers Australia

  Independent Chairperson (Australia)

  IT-030 Liaison

  IT-038 Liaison

  IT-041 liaison

  National Retail Association

  Office of the Victorian Information Commissioner

• Standards Australia participates in Standards development with the International standards bodies as listed below.

  For further information on ISO relationships please visit ISO’s website www.iso.org

  For further information on IEC relationships please visit IEC’s website www.iec.ch

  Organisation

  Title

  • ISO/IEC

    IT Security techniques

    Organisational Role

     Participating

    Technical Committee

     JTC 1

    Subcommittee

     SC 27

• Below is the list of current Standards developed and published by Standards Australia. This list does not display the obsolete, superseded, available superseded and withdrawn Standards. The published Standards are documents that set out specifications and procedures designed to ensure products, services and systems are safe, reliable and consistently perform the way they are intended to.

  Purchasing Standards

  To purchase a Standard, please contact our publishing partner SAI Global InfoStore.

  Designation

  Publication Title

  • AS 14443.1-2003

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Physical characteristics

    Publication Type

     New

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Describes the physical characteristics of proximity cards.

  • AS 14443.1-2003 Rec:2016

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Part 1: Physical characteristics

    Publication Type

     Reconfirmation

    Product Type

     Reconfirmation

    Publication Status

     Current

    Publication Synopsis

     

  • AS 14443.2-2003

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Radio frequency power and signal interface

    Publication Type

     New

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Describes the electrical characteristics of two types of contactless interface between a proximity card and a proximity coupling device. In addition, includes both power and bi-directional communication.

  • AS 14443.2-2003 Rec:2016

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Part 2: Radio frequency power and signal interface

    Publication Type

     Reconfirmation

    Product Type

     Reconfirmation

    Publication Status

     Current

    Publication Synopsis

     

  • AS 14443.3-2003

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Initialization and anticollision

    Publication Type

     New

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Describes polling for proximity cards entering the field of a proximity coupling device, the byte format and framing, the initial Request and Answer to Request command content, methods to detect and communicate with one proximity card among several proximity cards (anticollision) and other parameters required to initialize communications between a proximity card and a proximity coupling device.

  • AS 14443.3-2003 Rec:2016

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Part 3: Initialization and anticollision

    Publication Type

     Reconfirmation

    Product Type

     Reconfirmation

    Publication Status

     Current

    Publication Synopsis

     

  • AS 14443.4-2003

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Transmission protocol

    Publication Type

     New

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Provides a half-duplex block transmission protocol featuring the special needs of a contactless environment and defines the activation and deactivation sequence of the protocol.

  • AS 14443.4-2003 Rec:2016

    Identification cards - Contactless integrated circuit(s) cards - Proximity cards - Part 4: Transmission protocol

    Publication Type

     Reconfirmation

    Product Type

     Reconfirmation

    Publication Status

     Current

    Publication Synopsis

     

  • AS ISO/IEC 27001:2015

    Information technology - Security techniques - Information security management systems - Requirements

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO27001:2013, including Amendment1:2014, which specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.

  • AS ISO/IEC 27001:2015 Amd 1:2016

    Information technology - Security techniques - Information security management systems - Requirements

    Publication Type

     Correction amendment

    Product Type

     Amendment

    Publication Status

     Current

    Publication Synopsis

     

  • AS ISO/IEC 27002:2015

    Information technology - Security techniques - Code of practice for information security controls

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO27002:2013, including Amendment1:2014, which provides guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization's information security risk environment(s).

  • AS ISO/IEC 27002:2015 Amd 1:2016

    Information technology - Security techniques - Code of practice for information security controls

    Publication Type

     Correction amendment

    Product Type

     Amendment

    Publication Status

     Current

    Publication Synopsis

     

  • AS ISO/IEC 27003:2017

    Information technology - Security techniques - Information security management systems - Guidance

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27003:2017 which provides explanation and guidance on ISO/IEC 27001:2013.

  • AS ISO/IEC 27004:2018

    Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27004:2016 to provide guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001:2013, 9.1.

  • AS ISO/IEC 27004:2018

    Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27004:2016 to provide guidelines intended to assist organizations in evaluating the information security performance and the effectiveness of an information security management system in order to fulfil the requirements of ISO/IEC 27001:2013, 9.1.

  • AS ISO/IEC 27011:2017

    Information technology - Security techniques –Information security control guidelines based on ISO/IEC 27002 for telecommunications organizations

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27011:2016, which defines guidelines supporting the implementation of information security controls in telecommunications organizations.

  • AS ISO/IEC 27013:2017

    Information technology - Security techniques - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27013:2015 to provide guidance to organizations on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1.

  • AS ISO/IEC 27035.1:2017

    Information technology—Security techniques—Information security incident management, Part 1: Principles of incident management

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27035-1:2016 to present basic concepts and phases of information security incident management and combines these concepts with principles in a structured approach to detecting, reporting, assessing, and responding to incidents, and applying lessons learnt.

  • AS ISO/IEC 27035.1:2017

    Information technology—Security techniques—Information security incident management, Part 1: Principles of incident management

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27035-1:2016 to present basic concepts and phases of information security incident management and combines these concepts with principles in a structured approach to detecting, reporting, assessing, and responding to incidents, and applying lessons learnt.

  • AS ISO/IEC 27035.1:2017

    Information technology—Security techniques—Information security incident management, Part 1: Principles of incident management

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27035-1:2016 to present basic concepts and phases of information security incident management and combines these concepts with principles in a structured approach to detecting, reporting, assessing, and responding to incidents, and applying lessons learnt.

  • AS ISO/IEC 27035.2:2017

    Information technology—Security techniques—Information security incident management, Part 2: Guidelines to plan and prepare for incident response

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27035-2:2016 to provide guidelines to plan and prepare for incident response. The guidelines are based on the ‘Plan and Prepare’ and ‘Lessons Learnt’ phases of the ‘Information security incident management phases’ model presented in ISO/IEC 27035-1.

  • AS ISO/IEC 27035.2:2017

    Information technology—Security techniques—Information security incident management, Part 2: Guidelines to plan and prepare for incident response

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27035-2:2016 to provide guidelines to plan and prepare for incident response. The guidelines are based on the ‘Plan and Prepare’ and ‘Lessons Learnt’ phases of the ‘Information security incident management phases’ model presented in ISO/IEC 27035-1.

  • AS ISO/IEC 27035.2:2017

    Information technology—Security techniques—Information security incident management, Part 2: Guidelines to plan and prepare for incident response

    Publication Type

     International adoption identical

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27035-2:2016 to provide guidelines to plan and prepare for incident response. The guidelines are based on the ‘Plan and Prepare’ and ‘Lessons Learnt’ phases of the ‘Information security incident management phases’ model presented in ISO/IEC 27035-1.

  • AS/NZS ISO/IEC 11770.2-2008

    Information technology - Security techniques - Key management - Mechanisms using symmetric techniques

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 11770-2:1996 which defines key establishment mechanisms using symmetric cryptographic techniques.

  • AS/NZS ISO/IEC 11770.3-2008

    Information technology - Security techniques - Key management - Mechanisms using asymmetric techniques

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 11770-3:1999 which defines key management mechanisms based on asymmetric cryptographic techniques.

  • AS/NZS ISO/IEC 11770.4-2008

    Information technology-Security techniques - Key management - Mechanisms based on weak secrets

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     

  • AS/NZS ISO/IEC 17799-2001 AMDT 1-2004

    Information technology - Code of practice for information security management

    Publication Type

     Correction amendment

    Product Type

     Amendment

    Publication Status

     Current

    Publication Synopsis

     

  • AS/NZS ISO/IEC 17799-2006 AMDT 1

    Information technology - Security techniques - Code of practice for information security management

    Publication Type

     Correction amendment

    Product Type

     Amendment

    Publication Status

     Current

    Publication Synopsis

     

  • AS/NZS ISO/IEC 18028.1-2008

    Information technology - Security techniques - IT network security - Network security management

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 18028-1:2006 to align the Australian approach to network-security with worlds best practice.

  • AS/NZS ISO/IEC 18028.5-2008

    Information technology - Security techniques - IT network security - Securing communications across networks using virtual private networks

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 18028-5:2008 to align Australian procedures for securing communications across VPN (Virtual Private Networks).

  • AS/NZS ISO/IEC 18033.2-2008

    Information technology - Security techniques - Encryption algorithms - Asymmetric ciphers

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 18033-2:2006 to make available to the Australian market the latest versions of approved asymmetric ciphers.

  • AS/NZS ISO/IEC 27005-2012

    Information technology - Security techniques - Information security risk management (ISO/IEC 27005:2011, MOD)

    Publication Type

     Revision

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 27005:2011 to provide guidelines for information security risk management.

  • AS/NZS ISO/IEC 9798.2-2008

    Information technology - Security techniques - Entity authentication - Mechanisms using symmetric encipherment algorithms

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 9798-2:1999 which specifies entity authentication mechanisms using symmetric encipherment algorithms.

  • AS/NZS ISO/IEC 9798.3-2008

    Information technology - Security techniques - Entity authentication - Mechanisms using digital signature techniques

    Publication Type

     New

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 9798-3:1999 which specifies entity authentication mechanisms using digital signatures based on asymmetric techniques.

  • AS/NZS ISO/IEC 9798.4-2008

    Information technology - Security techniques - Entity authentication - Mechanisms using a cryptographic check function

    Publication Type

     International adoption modified

    Product Type

     Standard

    Publication Status

     Current

    Publication Synopsis

     Adopts ISO/IEC 9798-4:1999 which specifies entity authentication mechanisms using a cryptographic check function.

• The Sub Committees within the Technical Committee are listed here.

  Sub Committees

   

  IT-012-01 Dummy

  IT-012-02 'IC Cards

  IT-012-04 Security Techniques