GB/T 20269-2006 信息安全技术 信息系统安全管理要求 (英文版)
发布-leeglee | 查看- | 发表时间-2017/12/6
说明:网站上所展示的为部分标准中文翻译目录,如果您未能查到您所需要的标准请联系我们(来信询问,均会及时回复)
标准编号:GB/T 20269-2006
标准名称:GB/T 20269-2006 信息安全技术 信息系统安全管理要求 (英文版)
英文名称:Information security technology Information system security management requirements
发布日期:2006-05-31
实施日期:2006-12-01
全文页数:141
译文格式:Word/PDF
目录简介:ContentsForeword5Introduction61 Scope82 Normative references83 Terms and definitions84 General requirements of information system security management94.1Content of information system security management94.2 Information system security management principles105 Information system security management elements and the strength125.1 Policy and system125.1.1 Information security management policy125.1.2 Security management rules and regulations165.1.3 Policy and system document management195.2 organization and personnel management215.2.1 Security management organization215.2.2 Security mechanism centralized management organization235.2.3 Personnel management245.2.4 Education and training285.3 Risk management295.3.1 Risk management requirements and policies295.3.2 Risk analysis and assessment305.3.3 Risk control335.3.4 Decision making based on risks335.3.5 Risk assessment management345.4 Environment and resource management365.4.1 Environment security management365.4.2 Resources management395.5 Operation and maintenance management435.5.1 User management435.5.2 Operation management455.5.3 Operation maintenance management495.5.4 Outsourced service management535.5.5 Guarantee Related to Security Mechanism555.5.6 Security centralized management635.6 Business continuity management675.6.1 Backup and recovery675.6.2 Security incident handling685.6.3 Emergency processing715.7 Supervision and inspection management735.7.1 Conforming with legal requirements735.7.2 Compliance inspection745.7.3 Audit and supervision control765.7.4 Responsibility determination775.8 Life cycle management785.8.1 Plan and project approval management785.8.2 Construction process management805.8.3 System startup and stop management836 Information system security management grading requirements856.1 Grade I: user discretionary protection856.1.1 Management objective and scope856.1.2 Policy and system requirements856.1.3 organization and personnel management requirements866.1.4 Risk management requirements866.1.5 Environment and resource management requirements876.1.6 Operation and maintenance management requirements886.1.7 Business continuity management requirements896.1.8 Supervision and inspection management requirements906.1.9 Life cycle management requirements906.2 Grade II: system audit protection916.2.1 Management objective and scope916.2.2 Policy and system requirements916.2.3 organization and personnel management requirements926.2.4 Risk management requirements936.2.5 Environment and resource management requirements946.2.6 Operation and maintenance management requirements946.2.7 Business continuity management requirements966.2.8 Supervision and inspection management requirements966.2.9 Life cycle management requirements976.3 Grade III: security sign protection986.3.1 Management objective and scope986.3.2 Policy and system requirements986.3.3 organization and personnel management requirements996.3.4 Risk management requirements1006.3.5 Environment and resource management requirements1016.3.6 Operation and maintenance management requirements1026.3.7 Business continuity management requirements1036.3.8 Supervision and inspection management requirements1046.3.9 Life cycle management requirements1056.4 Level four: structured protection level1066.4.1 Management objectives and scope1066.4.2 Policy and system requirements1076.4.3 organization and personnel management requirements1076.4.4 Risk management requirements1086.4.5 Environment and resource management requirements1096.4.6 Operation and maintenance management requirements1096.4.7 Business continuity management requirements1116.4.8 Supervision and inspection management requirements1116.4.9 Life cycle management requirements1126.5 Level five: access validation protection level1136.5.1 Management objectives and scope1136.5.2 Policy and system requirements1136.5.3 organization and personnel management requirements1146.5.4 Risk management requirements1156.5.5 Environment and resource management requirements1156.5.6 Operation and maintenance management requirements1156.5.7 Business continuity management requirements1166.5.8 Supervision and inspection management requirements1176.5.9 Life cycle management requirements117Annex A (Informative) Corresponding Relationship among Security Management Factors, Strength and Security Management Grading Requirements118Annex B (Informative) Information System Security Management Concept Description127B.1 Main security factors128B.1.1 Assets128B.1.2 Threats129B.1.3 Vulnerability129B.1.4 Effects of accidents129B.1.5 Risks130B.1.6 Protective measures130B.2 Security management process130B.2.1 Security management process model130B.2.2 Security objectives131B.2.3 Determination of security protection level131B.2.4 Security risk analysis and assessment132B.2.5 Develop security polices132B.2.6 Security requirements analysis133B.2.7 Implementation of security measures135B.2.8 Supervision of security implementation process136B.2.9 Security audit of the information system137B.2.10 Life cycle management138Bibliography139
关键字:GB/T 20269 英文版 English Version
标准名称:GB/T 20269-2006 信息安全技术 信息系统安全管理要求 (英文版)
英文名称:Information security technology Information system security management requirements
发布日期:2006-05-31
实施日期:2006-12-01
全文页数:141
译文格式:Word/PDF
目录简介:ContentsForeword5Introduction61 Scope82 Normative references83 Terms and definitions84 General requirements of information system security management94.1Content of information system security management94.2 Information system security management principles105 Information system security management elements and the strength125.1 Policy and system125.1.1 Information security management policy125.1.2 Security management rules and regulations165.1.3 Policy and system document management195.2 organization and personnel management215.2.1 Security management organization215.2.2 Security mechanism centralized management organization235.2.3 Personnel management245.2.4 Education and training285.3 Risk management295.3.1 Risk management requirements and policies295.3.2 Risk analysis and assessment305.3.3 Risk control335.3.4 Decision making based on risks335.3.5 Risk assessment management345.4 Environment and resource management365.4.1 Environment security management365.4.2 Resources management395.5 Operation and maintenance management435.5.1 User management435.5.2 Operation management455.5.3 Operation maintenance management495.5.4 Outsourced service management535.5.5 Guarantee Related to Security Mechanism555.5.6 Security centralized management635.6 Business continuity management675.6.1 Backup and recovery675.6.2 Security incident handling685.6.3 Emergency processing715.7 Supervision and inspection management735.7.1 Conforming with legal requirements735.7.2 Compliance inspection745.7.3 Audit and supervision control765.7.4 Responsibility determination775.8 Life cycle management785.8.1 Plan and project approval management785.8.2 Construction process management805.8.3 System startup and stop management836 Information system security management grading requirements856.1 Grade I: user discretionary protection856.1.1 Management objective and scope856.1.2 Policy and system requirements856.1.3 organization and personnel management requirements866.1.4 Risk management requirements866.1.5 Environment and resource management requirements876.1.6 Operation and maintenance management requirements886.1.7 Business continuity management requirements896.1.8 Supervision and inspection management requirements906.1.9 Life cycle management requirements906.2 Grade II: system audit protection916.2.1 Management objective and scope916.2.2 Policy and system requirements916.2.3 organization and personnel management requirements926.2.4 Risk management requirements936.2.5 Environment and resource management requirements946.2.6 Operation and maintenance management requirements946.2.7 Business continuity management requirements966.2.8 Supervision and inspection management requirements966.2.9 Life cycle management requirements976.3 Grade III: security sign protection986.3.1 Management objective and scope986.3.2 Policy and system requirements986.3.3 organization and personnel management requirements996.3.4 Risk management requirements1006.3.5 Environment and resource management requirements1016.3.6 Operation and maintenance management requirements1026.3.7 Business continuity management requirements1036.3.8 Supervision and inspection management requirements1046.3.9 Life cycle management requirements1056.4 Level four: structured protection level1066.4.1 Management objectives and scope1066.4.2 Policy and system requirements1076.4.3 organization and personnel management requirements1076.4.4 Risk management requirements1086.4.5 Environment and resource management requirements1096.4.6 Operation and maintenance management requirements1096.4.7 Business continuity management requirements1116.4.8 Supervision and inspection management requirements1116.4.9 Life cycle management requirements1126.5 Level five: access validation protection level1136.5.1 Management objectives and scope1136.5.2 Policy and system requirements1136.5.3 organization and personnel management requirements1146.5.4 Risk management requirements1156.5.5 Environment and resource management requirements1156.5.6 Operation and maintenance management requirements1156.5.7 Business continuity management requirements1166.5.8 Supervision and inspection management requirements1176.5.9 Life cycle management requirements117Annex A (Informative) Corresponding Relationship among Security Management Factors, Strength and Security Management Grading Requirements118Annex B (Informative) Information System Security Management Concept Description127B.1 Main security factors128B.1.1 Assets128B.1.2 Threats129B.1.3 Vulnerability129B.1.4 Effects of accidents129B.1.5 Risks130B.1.6 Protective measures130B.2 Security management process130B.2.1 Security management process model130B.2.2 Security objectives131B.2.3 Determination of security protection level131B.2.4 Security risk analysis and assessment132B.2.5 Develop security polices132B.2.6 Security requirements analysis133B.2.7 Implementation of security measures135B.2.8 Supervision of security implementation process136B.2.9 Security audit of the information system137B.2.10 Life cycle management138Bibliography139
关键字:GB/T 20269 英文版 English Version
或许你还对下面的文章感兴趣
