ISO27001认证 信息安全ISO27001体系ISO27001体系管理框架
发布时间: 2013-12-21 17:04 点击:
ISO组织于2013年9月26日,推出了最新的版本ISO/IEC27001:2013信息安全管理体系标准,其框架图如下:
On September 26, 2013, ISO organization launched the latest version of ISO / iec27001:2013 information security management system standard. Its framework is as follows:
以上的框架,有详细的标准解读,这里不多做介绍了。标准的体系框架,几乎可以涵盖目前所有的组织管理领域,即使是互联网企业,仍然适用。只不过,部分域在某些组织或机构中,比较薄弱而已,例如:供应关系管理。
The above framework, there are detailed standard interpretation, here do not do more introduction. The standard system framework can cover almost all the current organizational management fields, even for Internet enterprises, it is still applicable. However, some areas are relatively weak in some organizations or institutions, such as supply relationship management.
当然,云计算时代,标准中的众多管理已经由云服务商实施落地了,这种情况,我们更多关注的是检查或审计云服务商的信息安全符合性。
Of course, in the era of cloud computing, many management standards have been implemented by cloud service providers. In this case, we pay more attention to checking or auditing the information security compliance of cloud service providers.