| Work item | Question | Equiv. Num. | Status | Timing | Approval process | Version | Liaison relationship | Subject / Title | Priority |
| X.1053rev | Q3/17 | | Under study | 2026-06 | AAP | Rev. | - | Information security controls based on ITU-T X.1051 for small and medium-sized telecommunication organizations | Medium |
| X.1058rev | Q3/17 | ISO/IEC 29151 | Determined 2026-02-06 | 2025-10 | TAP | Rev. | ISO/IEC JTC 1/SC 27/WG 5 | Information security, cybersecurity and privacy protection - Controls, requirements, and guidance for personally identifiable information protection | Medium |
| X.1060 | Q3/17 | | Consented 2025-12-11 | 2025-12 | AAP | Rev. | - | Framework for the creation and operation of a Cyber Defence Centre/Cyber Security Centre | Medium |
| X.C2M2 | Q3/17 | | Under study | 2026-01 | AAP | New | - | Cybersecurity capability maturity model for telecommunication organisations | Medium |
| X.cdc-csirt | Q3/17 | | Under study | 2027-01 | AAP | New | FIRST | Relationship between Cyber Defence/Security Center and Computer Security Incident Response Team | Medium |
| X.gsm-cdc | Q3/17 | | Under study | 2027-01 | AAP | New | - | Guidelines on Security Metrics for CDC | Medium |
| X.srm-ssc | Q3/17 | | Under study | 2027-01 | TAP | New | ISO/IEC JTC 1/SC 27 WG4 & WG5 | Security risk management on software supply chain for telecommunication organizations | Medium |
| XSTR.AIsmf | Q3/17 | | Under study | 2027-01 | Agreement | New | - | AI security management framework | Medium |
