INCITS: Information Technology Industry Council

INCITS, the InterNational Committee for Information Technology Standards, is a nonprofit organization that develops and publishes standards for the information technology field. Headquartered in Washington, D.C., United States, INCITS standards are propagated throughout the entire world by its membership base of 1,700 organizations spread across 13 countries. INCITS also serves as the administrator for the U.S. TAGs (United States Technical Advisory Group) to ISO/JTC 1 (International Organization for Standardization/Joint Technical Committee) and to many of its subcommittees, as well as the U.S. TAG to ISO/TC 211. Standards from INCITS are available both individually, directly through the ANSI webstore, and as part of a Standards Subscription. If you or your organization are interested in easy, managed, online access to standards that can be shared, a Standards Subscription may be what you need - please contact us at: [email protected] or 1-212-642-4980 or Request Proposal Price.

Below are INCITS's best-selling standards. To find additional standards, please use the search bar above.

INCITS 359-2012 (R2022)

Information technology - Role Based Access Control

This standard consists of two main parts: the RBAC Reference Model and the RBAC System and Administrative Functional Specification. The RBAC Reference Model defines sets of basic RBAC elements (i.e., users, roles, permissions, operations and objects) and relations as types and functions that are included in this standard. The RBAC System and Administrative Functional Specification specifies the features that are required of an RBAC system.

INCITS/ISO/IEC 14882:2020 (2021)

Programming Languages - C++

Specifies requirements for implementations of the C++ programming language. The first such requirement is that they implement the language, so this document also defines C++. Other requirements and relaxations of the first requirement appear at various places within this document. C++ is a general purpose programming language based on the C programming language as described in ISO/IEC 9899:2018 Programming languages — C (hereinafter referred to as the C standard). C++ provides many facilities beyond those provided by C, including additional data types, classes, templates, exceptions, namespaces, operator overloading, function name overloading, references, free store management operators, and additional library facilities.

INCITS/ISO/IEC 27001:2022 (2023)

Information security, cybersecurity and privacy protection - Information security management systems - Requirements

Specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of the organization. This document also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this document are generic and are intended to be applicable to all organizations, regardless of type, size or nature. Excluding any of the requirements specified in Clauses 4 to 10 is not acceptable when an organization claims conformity to this document.

INCITS/ISO/IEC 9899-2012

Information technology -Programming languages - C

ISO/IEC 9899:2011 specifies the form and establishes the interpretation of programs written in the C programming language.It specifies the representation of C programs; the syntax and constraints of the C language; the semantic rules for interpreting C programs; the representation of input data to be processed by C programs; the representation of output data produced by C programs; the restrictions and limits imposed by a conforming implementation of C. ISO/IEC 9899:2011 does not specify the mechanism by which C programs are transformed for use by a data-processing system; the mechanism by which C programs are invoked for use by a data-processing system; the mechanism by which input data are transformed for use by a C program; the mechanism by which output data are transformed after being produced by a C program; the size or complexity of a program and its data that will exceed the capacity of any specific data-processing system or the capacity of a particular processor; all minimal requirements of a data-processing system that is capable of supporting a conforming implementation. ISO/IEC 9899:2011 is designed to promote the portability of C programs among a variety of data-processing systems. It is intended for use by implementers and programmers.

INCITS 226-1994[S2008]

Information Technology √ Programming Language √ Common Lisp

Promotes the portability of Common Lisp programs among a variety of data processing systems. It is a language specification aimed at an audience of implementors and knowledgeable programmers. It is neither a tutorial nor an implementation guide.

INCITS/ISO/IEC 9075-2:2023 (2023)

Information technology - Database languages SQL - Part 2: Foundation (SQL/Foundation)

Defines the data structures and basic operations on SQL-data. It provides functional capabilities for creating, accessing, maintaining, controlling, and protecting SQL-data.

INCITS/ISO/IEC 14882-2003

Programming languages - C++

This International Standard specifies requirements for implementations of the C + + programming language. The first such requirement is that they implement the language, and so this International Standard also defines C + +. Other requirements and relaxations of the first requirement appear at various places within this International Standard.

INCITS/ISO/IEC 38505-1:2017 (R2023)

Information technology - Governance of IT - Governance of data - Part 1: Application of ISO/IEC 38500 to the governance of data

Provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the effective, efficient, and acceptable use of data within their organizations.

INCITS/ISO/IEC 9899:2018 (R2024)

Information technology - Programming languages - C

Specifies the form and establishes the interpretation of programs written in the C programming language. It specifies the representation of C programs; the syntax and constraints of the C language; the semantic rules for interpreting C programs; the representation of input data to be processed by C programs; the representation of output data produced by C programs; the restrictions and limits imposed by a conforming implementation of C.

INCITS 322-2025

Information Technology - Card Durability Test Methods

This American National Standard describes Test Methods for the evaluation of Identification (ID) card durability. An ID card is defined as a card identifying its holder and issuer which may carry data required as input for the intended use of the card. These test methods are to be used by card issuers, card manufacturers and card component suppliers to make comparisons of ID card performance. These test methods do not imply a specific correlation to end use field performance or a given card service life. However, these test methods may be useful for ranking or comparing the relative durability of ID cards. Results obtained by use of these test methods should not be represented as equivalent to field use performance or an absolute index of ultimate card service unless a degree of quantitative correlation has been established for the ID card material construction in question. These test methods do not possess and do not constitute requirements for ID cards in general. The reader is referred to specific application standards for performance requirements and acceptance criteria (INCITS 440). It is the responsibility of card issuers and their suppliers to decide which attributes are required for card performance in a given card application and to mutually agree which test methods may be appropriate to assess card performance. These test methods may involve the use of hazardous materials, operations and equipment. This standard does not purport to address all safety problems associated with its use. It is the responsibility of the user of this standard to establish appropriate safety and health practices and determine the applicability of local and federal regulatory limitations prior to use