Deliverables
《企業(yè)信息安全風險評估報(bào)告》
Enterprise information security risk assessment report
《企業(yè)業(yè)務數據庫風險評估報(bào)告》
Enterprise business database risk assessment report
Reference standard
《信息技(jì)術(shù) 安全技(jì)術(shù) 信息安全管理實施指南(nán)》(ISO/IEC 27002:2013)
Implementation Guide for information technology security management (ISO / IEC 27002:2013)
《信息安全技(jì)術(shù) 信息系統安全等級保護基本要求》(GB/T 22239-2008)
Information security technology - basic requirements for security level protection of information systems (GB / T 22239-2008)
《信息安全技(jì)術(shù) 信息安全風險管理指南(nán)》(GB/Z 24364-2009)
Information security technology - Guidelines for information security risk management (GB / Z 24364-2009)
《信息安全技(jì)術(shù) 信息安全風險評估規範》(GB/T 20984-2007)
Information security technology - Code for information security risk assessment (GB / T 20984-2007)
《信息安全技(jì)術(shù) 信息安全風險評估實施指南(nán)》(GB/T 31509-2015)
Information security technology - Guidelines for the implementation of information security risk assessment (GB / T 31509-2015)
《NIST-SP800-30 Guide for Conducting Risk Assessments風險評估指南(nán)》
Nist-sp800-30 guide for conducting risk assessments
《NIST-SP800-26 Security Self-Assessment Guide for Information Technology Systems》
《NIST-SP800-26 Security Self-Assessment Guide for Information Technology Systems》
(NIST-SP800 信息技(jì)術(shù)系統安全自(zì)我評估指南(nán))
(nist-sp800 information technology system security Self Assessment Guide)
《信息安全技(jì)術(shù) 信息安全事(shì)件(jiàn)管理指南(nán)》(GB/T 20985-2007)
Information security technology - Guidelines for information security incident management (GB / T 20985-2007)