ISO/IEC TS 27116-1
ISO/IEC TS 27116-1 — Information security, cybersecurity and privacy protection — Framework for customised and multipurpose evaluation
[DRAFT]
Abstract
[ISO/IEC TS 27116-1] "defines a general framework for customized and multipurpose evaluation.” (!)
[Source: Preliminary Work Item Oct 2025]
Introduction
??
Scope
??
Structure
[I don’t know what the ‘customised and multipurpose evaluations’ are for which this project intends to provide a 'general framework'. No idea, sorry.]
Status
A standard development project commenced in 2024, producing a Preliminary Work Item in October 2025.
There is an open call to nominate experts by August 2026.
Commentary
Evaluation of what? Against what? Why? How? When? By whom? So many questions but next to no answers thus far.
The dash-1 suggests this may be a multi-part standard. I have no idea what other parts are planned, if any.
Evidently although SC 27 voted to proceed with this project, only 3 national bodies confirmed their active involvement, nominating experts ... so, unless further support arrives before early August, this project looks unlikely to proceed. Presumably someone thought it sufficiently worthwhile to launch the project: maybe it was ill-conceived or perhaps there is a genuine need, but maybe now is not the best time?
