信息安全管理：全球最佳实务与实施指南

flystars
0 ℃
2019-09-30

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

:cyl@information.js.cn:025-51955023815487301:200511:cyl@information.js.cn:025-51955023815487302--------------------------------31.1--------------------------------------------------------------------31.2--------------------------------------------------------31.3C.I.A.-----------------------------------------------------------31.4------------------------------------------------------------4-------------------------------72.1--------------------------------------------------------------------------72.2----------------------------------------------------------------------82.3----------------------------------------------------------------------9BS7799---------------------------------112.1BS7799--------------------------------------------------------------------112.2BS7799--------------------------------------------------------------112.3BS7799--------------------------------------------------------------------11BS7799Part1--------------------133.1BS799Part1------------------------------------------------------------13BS7799Part2--------------------154.1BS7799Part2----------------------------------------------------------15------------------------------176.10553--------------------------------------------------------176.2------------------------------------------------------------------19------------------------22:cyl@information.js.cn:025-519550238154873031.1GMITSISO/IECTR13335ISO/IECITzzz1.21.3C.I.A.C.I.A.:cyl@information.js.cn:025-51955023815487304ConfidentialityIntegrityAvailability1.2C.I.A.C.I.A.C.I.A.1.2Privacy(Identification)(Authentication)(Authorization);(Accountability)(Non-repudiation)(Audit)C.I.A.D.A.D.(Disclosure)(Alteration)(Destruction)1.4InformationSecurityManagement:cyl@information.js.cn:025-51955023815487305PDCAPDCAPlanDoCheckAct1.4-11.4-1PDCAActionPlanDoCheckPDCAPDCAPDCABS7799:cyl@information.js.cn:025-519550238154873061.4-2RiskAssessmentRiskMitigationRiskControlConfigurationManagementChangeManagementContingencyPlanningPCDAPlanDoCheckAction:cyl@information.js.cn:025-519550238154873072.1RiskManagementITRiskAssessment2.1-1AssetThreatThreatsourcethreatagentVulnerability:cyl@information.js.cn:025-51955023815487308RiskLikelihoodProbabilityFrequencyImpactConsequenceSafeguardcontrolcountermeasureResidualRisk2.1-22.2:cyl@information.js.cn:025-51955023815487309Knowledge-basedModel-basedQualitativeQuantitative2.22.3:Establishthecontext:cyl@information.js.cn:025-519550238154873010IdentifytherisksAnalysetherisksEvaluatetherisksTreattherisksMonitorandreviewCommunicateandconsultStakeholder:cyl@information.js.cn:025-519550238154873011BS77993.1BS7799BS77991995BritishStandardsInstitute,BSIBS7799ISO/IEC17799200036127BS7799ISMSISO/IEC17799ISMSBSIISO17%ISO9000ISO14000OHSAS18000BS779941BS7799BS7799ISMS3.2BS7799BS7799DTIBSI1995BS7799-119951998BS7799-21998BS7799-1BS779919994BS7799BS77991999200012ISO/IECJTC1/SC27BS7799-11999ISO/IEC1779920002002BSIBS77992-1999PDCA200495BS7799-220023.3BS7799BS7799BS779941/AS/NZS4444AS/NZS7799:cyl@information.js.cn:025-519550238154873012SPE20003SS627799JISX5080BS7799-1BS7799BS7799-11999CNS17799BS7799-22002CNS17800BS7799:cyl@information.js.cn:025-519550238154873013BS7799Part14.1BS799Part1BS7799-11999ISO/IEC177992000CodeofPracticeforInformationSecurityManagement,127SecuritypolicyOrganizationsecurityAssetclassificationandcontrolPersonnelsecurityphysicalandenvironmentalsecurityCommunicationandoperationmanagementAccesscontrol:cyl@information.js.cn:025-519550238154873014SystemdevelopmentandmaintenanceITBusinesscontinuitymanagementCompliance:cyl@information.js.cn:025-519550238154873015BS7799Part25.1BS7799Part20.0.10.2PCDA0.3ISO9001ISO140011.1.1ISMS1.22.ISO9001ISO17799ISOGuide73:20023.CIAISMS4.4.1ISMS4.2ISMS4.2.1ISMSPlanISMSISMSSOAISMS4.2.2ISMSDO5.24.2.3ISMSCheckISMSISMSISMSISMS4.3:cyl@information.js.cn:025-5195502381548730164.3.1ISMS4.3.2ISMS4.3.35.5.1ISMS5.25.2.1ISMS5.2.2ISMS6.ISMS6.1ISMS6.26.36.4ISMSISMS7.ISMS7.1ISMS7.2ISMS7.3:cyl@information.js.cn:025-5195502381548730176.10553:cyl@information.js.cn:025-519550238154873018:cyl@information.js.cn:025-5195502381548730196.220051160%BS-7799BS-7799BritishStandardsInstitution,BSI200012ISOISO/IEC17799.BS7799BS-7799ISO/IEC17799ISO/IEC17799BS7799-22002zzzBS7799zzzISO/IEC17799zCIOCSOzzzISPICPzz:cyl@information.js.cn:025-519550238154873020zITzzzBS7799zzzzzISO/IEC17799z–z–zzzz,30/()200511232532005122123370152380/:077760801900000972025-5195502381548730:cyl@information.js.cn:025-519550238154873021025-8324814783207683@information.js.cn,infosec_training@hotmail.com2005:cyl@information.js.cn:025-519550238154873022****IT**ISO90012000IT..:70()15210013TEL025-51955023FAX021-83207683E_MAILcyl@information.js.cnMSN:inforsec_training@hotmail.com: