ISO/IEC 27003-2010 Information technology. Security techniques. Information security management system implementation guidance

Views: 5217 | Replies: 5 | 2018-8-16 18:02
Standard number: ISO/IEC 27003-2010
English title: Information technology - Security techniques - Information security management system implementation guidance
Superseded by: ISO/IEC 27003-2017
Supersedes: ISO/IEC FDIS 27003-2009
Adopted standard: BS ISO/IEC 27003-2010, IDT
Drafting body: ISO/IEC JTC 1/SC 27
Abstract: This International Standard focuses on the critical aspects needed for successful design and implementation
of an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2005. It describes
the process of ISMS specification and design from inception to the production of implementation plans. It
describes the process of obtaining management approval to implement an ISMS, defines a project to
implement an ISMS (referred to in this International Standard as the ISMS project), and provides guidance on
how to plan the ISMS project, resulting in a final ISMS project implementation plan.
This International Standard is intended to be used by organizations implementing an ISMS. It is applicable to
all types of organization (e.g. commercial enterprises, government agencies, non-profit organizations) of all
sizes. Each organization's complexity and risks are unique, and its specific requirements will drive the ISMS
implementation. Smaller organizations will find that the activities noted in this International Standard are
applicable to them and can be simplified. Large-scale or complex organizations might find that a layered
organization or management system is needed to manage the activities in this International Standard
effectively. However, in both cases, the relevant activities can be planned by applying this International

ISO_IEC 27003-2010 信息技术.安全技术.信息安全管理系统执行指南.pdf (3.66 MB)
