1 Scope
This document defines an inventory of building blocks conceptually associated with
different types of assessments of information and communication technology (ICT) trustworthiness.
These assessments apply to areas such as governance, risk management, security evaluation,
secure development lifecycle (SDL), supply chain integrity and privacy. This document
also defines an ontology that organizes these building blocks and provides instructions for using the inventory
of building blocks and the ontology.
Formalizing the types, categories, and structural characteristics of building blocks
in the area of ICT trustworthiness assessment aims to increase efficiency and improve
future harmonization
in standards development and their use. Building blocks can refer to structural components
as well as semantic components. These components can be connected to a variety of
concepts and activities related to trustworthiness assessments, including process-related
ones, such as traceability or elements of assessment methodologies.