ISO27001认证 建立信息安全管理体系共有8个阶段
发布时间: 2016-03-13 13:07 点击:
ISO27001 certification to establish a total of 8 stages of information security management system
为了建立、实施和保持信息安全管理体系,首先应策划信息安全管理体系的方针和目标,识别、分类和清理信息资源,根据其危险程度、薄弱环节和发生频次,实施风险控制,包括回避、转移、控制和消除风险。按PDCA循环模式,建立信息安全管理体系。
In order to establish, implement and maintain a management system of information security, the principles and objectives of the information security management system should begin planning, identification, classification and clean up the information resources, according to the degree of danger, weak links and occurrence frequency, the implementation of risk control, including withdrawal, transfer, control and eliminate the risk. According to PDCA cycle mode, the establishment of information security management system.
建立信息安全管理体系共有8个阶段。包括确定ISMS适用范围、策划ISMS方针目标、策划风险控制的过程、识别和评估风险、对风险控制现状分析、选择和制订管理方案、识别存在的遗留风险和正式实施ISMS。
Establish a total of 8 stages of information security management system. Including the determination of the applicable range of isms, planning isms policy and objectives, planning risk control process, risk identification and assessment, risk control analysis, selection and formulation of management scheme, identify the presence of legacy risk and the formal implementation of the ISMS.