ISO/IEC 2700 1 2022
信息安全, 网络安全与隐私保护
——信息安全 管理体系
——要求
中文试译稿v1.0
翻译 汤季洪
i
目录
序 ................................ ................................ ................................ ................................ .......... I
引言 ................................ ................................ ................................ ................................ .... III
0.1 总则 ................................ ................................ ................................ ............................. III
0.2 与其他管理体系标准的兼容性 ................................ ................................ ........... III
1 范围 ................................ ................................ ................................ ......................... 5
2 规范性引用文件 ................................ ................................ ................................ .... 5
3 术语和定义 ................................ ................................ ................................ ............ 5
4 组织环境 ................................ ................................ ................................ ................ 7
4.1 理解组织及其环境 ................................ ................................ ................................ ... 7
4.2 理解相关方的需求和期望 ................................ ................................ ..................... 7
4.3 确定信息安全管理体系范围 ................................ ................................ ................ 7
4.4 信息安全管理体系 ................................ ................................ ................................ ... 8
5 领导 ................................ ................................ ................................ ......................... 9
5.1 领导和承诺 ................................ ................................ ................................ ................ 9
5.2 方针 ................................ ................................ ................................ .............................. 9
5.3 组织的角色,责任和权限 ................................ ................................ .................. 10
6 规划 ................................ ................................ ................................ ....................... 11
6.1 应对风险和机会的措施 ................................ ................................ ....................... 11
6.1.1 总则 ................................ ................................ ................................ ................................ ................................ .. 11
6.1.2 信息安全风险评估 ................................ ................................ ................................ ................................ ....... 11
6.1.3 信息安全风险处置 ................................ ................................ ................................ ................................ ....... 12
6.2 信息安全目标及其实现规划 ................................ ................................ ............. 14
6.3 变更规划 ................................ ................................ ................................ .................. 15
7 支持 ................................ ................................ ................................ ....................... 16
7.1 资源 ................................ ................................ ................................ ........................... 16
7.2 能力 ................................ ................................ ................................ ........................... 16
7.3 意识 ................................ ................................ ................................ ........................... 16
7.4 沟通 ................................ ................................ ................................ ........................... 17
7.5 文件化信息 ................................ ................................ ................................ ............. 17
7.5.1 总则 .....
ISO 27001 2022中文试译稿v1.0 - 汤季洪 老师
文档预览
中文文档
39 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
温馨提示:本文档共39页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
本文档由 思安 于 2022-12-05 07:21:59上传分享
ISO 27001 2022中文试译稿v1.0 - 汤季洪 老师
