Work item: X.ssc-sa
Subject/title: Guidelines for software supply chain security audit
Status: Under study [Issued from previous study period]
Approval process: TAP
Type of work item: Recommendation
Version: New
Equivalent number: -
Timing: 2026-06 (Medium priority)
Liaison: ISO/IEC JTC 1/SC 27 WG4
Supporting members: China Telecom, China Unicom
Summary:
This Recommendation analyzes the issue of security audits in software supply chains and outlines the background and necessity of such audits. In addition, it provides specific security guidelines to ensure the security and reliability of security audits in software supply chains. It also analyzes security audits in software supply chains at different levels.
This Recommendation aims to establish a comprehensive security audit approach, system, and specific implementation requirements throughout the entire software supply chain life cycle. Additionally, it aims to develop software that will support enterprises and serve as the foundation for supply chain security audit and other related activities.
Comment: incubation queue
Reference(s):
Historic references:
Contact(s):
ITU-T A.5 justification(s):
First registration in the WP: 2023-09-20 23:49:14
Last update: 2025-03-03 17:23:40