ISO/IEC 18180:2013
Information technology -- Specification for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2
Abstract
The electronic version of this International Standard can be downloaded from the ISO/IEC Information Technology Task Force (ITTF) web site.
ISO/IEC 18180:2013 specifies the data model and Extensible Markup Language (XML) representation for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2. An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and scoring. ISO/IEC 18180:2013 also defines a data model and format for storing results of security guidance or checklist testing. The intent of XCCDF is to provide a uniform foundation for expression of security checklists and other configuration guidance, and thereby foster more widespread application of good security practices.
ISO/IEC 18180:2013 specifies the data model and Extensible Markup Language (XML) representation for the Extensible Configuration Checklist Description Format (XCCDF) Version 1.2. An XCCDF document is a structured collection of security configuration rules for some set of target systems. The XCCDF specification is designed to support information interchange, document generation, organizational and situational tailoring, automated compliance testing, and scoring. ISO/IEC 18180:2013 also defines a data model and format for storing results of security guidance or checklist testing. The intent of XCCDF is to provide a uniform foundation for expression of security checklists and other configuration guidance, and thereby foster more widespread application of good security practices.
Additional information
Publication type | International Standard |
---|---|
Publication date | 2013-06-10 |
Edition | 1.0 |
Available language(s) | English |
TC/SC | ISO/IEC JTC 1 - Information technologyrss |
ICS | 35.030 - IT Security 35.040.50 - Automatic identification and data capture techniques |
Pages | 73 |
File size | 2898 KB |
The following test report forms are related:
More information
Share this page
Share your publications
Learn how to share your publications with your colleagues, using networking options.
Payment information
Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa, JCB and CUP), PayPal and bank transfers as form of payment.
Keep in touch
Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.
Contact customer services
Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 16:00 CET Monday to Friday.