BS 10754-1:2018 pdf download

BS 10754-1:2018 pdf download.Information technology — Systems trustworthiness Part 1: Governance and management specification
1 Scope
This British Standard provides a specification for systems, software and services trustworthiness, that is intended to be a widely applicable approach that can be customized for any organization and software. The requirements of this British Standard define the overall principles for effective trustworthiness, and include technical, physical, cultural and behavioural measures alongside effective leadership and governance. It identifies the necessary tools, techniques and processes and addresses safety, reliability, availability, resilience and security issues. This British Standard does not specify the detailed processes or actions that an organization follows in order to achieve these outcomes. NOTE 1 These processes are defined in other standards, or can be defined by the organization. This British Standard includes a comprehensive Trustworthiness System Framework (TSFr), which provides a domain- and implementation-agnostic way to reference the large existing body of knowledge, including functional safety, information security, and systems and software engineering and acts as a collation of good practice for software trustworthiness. When used as a standalone document for organizations with no current approach to software trustworthiness, this specification facilitates the deployment of the TSFr for software in its many guises from embedded equipment through consumer devices to industrial control systems. Where organizations already address system trustworthiness through one or more of the five facets of trustworthiness in isolation (safety, reliability, availability, resilience and security), this specification provides a companion and complement to other relevant standards. This British Standard provides a benchmark of concepts, principles, expected techniques and management practices to achieve individual facets. This can be used to identify any gaps and enhancements for local implementation.
3.4 data
series of digital or analogue signals or encoded characters stored or transmitted electronically, or marks (e.g. writing, printed characters or graphics) on paper or microform, that are intended to convey information NOTE The essential distinction between data and information is that data do not need to have any meaning attached to them. Data become information via context; the same data file can be considered as containing different information depending on the context: the data in the same file can be considered as containing ASCII characters as far as one computer program is concerned; another can regard the same data as a set of names and addresses; the user can know that these are customer names and addresses.
3.5 defect
non-fulfilment of an explicit or implicit requirement, or the omission of a requirement, related to an intended or specified use NOTE Defects can be technical or application specific.