1 Scope
2 References
3 Definitions
3.1 Terms defined elsewhere
3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Security requirements analysis
6.1 Common practice in the industry
6.2 Security risks
6.3 Security capabilities
7 The functional framework of the secured process
7.1 The roles in the framework
7.2 The modules in the framework
8 The secured process
8.1 Evaluation sub-process
8.2 Management sub-process
8.3 Audit sub-process
Appendix I – Additional requirements for responsibilities of the roles
I.1 Service agency
I.2 Demander
I.3 Security team
Bibliography