In the history of Information Security the most refined working framework for standardizing the evaluation of security was published in the 80’s in US by the name “Trusted Computer System Evaluation Criteria” aka the ”Orange Book”. Since then several information Security standards like IS027001, COBIT,…
