ISO27000认证 上个世纪90年代末,人们开始意识到管理在解决信息安全问题中的作用
发布时间: 2016-03-13 12:25 点击:
ISO27000认证 上个世纪90年代末,人们开始意识到管理在解决信息安全问题中的作用
ISO27000 certification last century, the end of the 90's, people began to realize the role of management in resolving the issue of information security
当信息安全问题开始出现的初期,人们解决信息安全问题的主要途径就是安装和使用信息安全产品,如加密机、防火墙、入侵检测设备等。
When the information security problems began to emerge, the main way to solve the problem of information security is to install and use information security products, such as encryption machine, firewall, intrusion detection equipment, etc..
信息安全技术和产品的应用,一定程度上解决了部分信息安全问题。但是人们发现仅仅靠这些产品和技术还不够,即使采购和使用了足够先进、足够多的信息安全产品,仍然无法避免一些信息安全事件的发生。
Information security technology and product application, to a certain extent, to solve some of the information security issues. But it is not enough for people to find out that they are not enough to avoid the occurrence of some information security events, even though they are not enough to purchase and use enough advanced and enough information security products.
与组织中个人有关的信息安全问题、信息安全成本和效益的平衡、信息安全目标、业务连续性、信息安全相关法规符合性等,这些问题与信息安全的要求都密切相关,而仅仅通过产品和技术是无法解决的。
And individual organizations related problems of information security, information security costs and benefits of balance, the goal of information security, business continuity, security information relevant laws and regulations compliance, is closely related to these issues and information security requirements only by products and technologies is no solution.
上个世纪90年代末,人们开始意识到管理在解决信息安全问题中的作用。
The 90's last century, people began to realize that to solve the problem of information security management in the role of.
1993年9月,由英国贸工部(DTI)组织许多企业参与编写了一个信息安全管理的文本-“信息安全管理实用规则(Code of practice for information security management)”,1995年2月,在该文本的基础上,英国发布了国家标准BS7799-1:1995。1999年英国对该标准进行了修订后发布1999年版,2000年12月被采纳成为国际标准,即ISO/IEC17799:2000。
In September 1993, by DTI (DTI) many organizations involved in the preparation of the text of an information security management - "practice for information security management rules (code of practice for information security management)", in February 1995, on the basis of the text, the British released the national standard BS7799-1:1995. In 1999 the British on the standard was revised after the release of the 1999 edition, December 2000 was adopted as the international standard, namely ISO/IEC17799:2000.
2005年6月15日,该标准被修订发布为ISO/IEC17799:2005。2007年4月正式更名为ISO/IEC 27000。
In June 15, 2005, the standard was revised and promulgated by ISO/IEC17799:2005. In April 2007 officially changed its name to ISO/IEC 27000.