ДСТУ ISO/IEC 27001:2010
Document text
INFORMATION TECHNOLOGY
SECURITY TECHNIQUES
INFORMATION SECURITY MANAGEMENT SYSTEMS
Requirements
1 1.1 1.2 2 ISO/IEC 17799:2005 Information technology — Security techniques — Code of practice for information security management.
ISO/IEC 17799:2005 3 3.1 [ISO/IEC 13335-1:2004]
3.2 [ISO/IEC 13335-1:2004]
3.3 [ISO/IEC 13335-1:2004]
3.4 [ISO/IEC 17799:2005]
3.5 [ISO/IEC TR 18044:2004]
3.6 [ISO/IEC TR 18044:2004]
3.7
3.8 [ISO/IEC 13335-1:2004]
3.9 [ISO/IEC Guide 73:2002]
3.10 [ISO/IEC Guide 73:2002]
3.11 3.12 [ISO/IEC Guide 73:2002]
3.13 [ISO/IEC Guide 73:2002]
3.14 3.15 [ISO/IEC Guide 73:2002]
3.16
4 4.1 4.2 4.2.1 ISO/IEC TR 13335-3 4.2.2 4.2.3 4.2.4 4.3 4.3.1 4.3.2 4.3.3
5 5.1 5.2 5.2.1 5.2.2
6 ISO 19011:2002
7 7.1 7.2 7.3
8 8.1 8.2 8.3
1 ISO 9001:2000 Quality management systems — Requirements
2 ISO/IEC 13335-1:2004 Information technology — Security techniques — Management of information and communications technology security — Part 1: Concepts and models for information and communications technology security management
3 ISO/IEC TR 13335-3:1998 Information technology — Guidelines for the management of IT Security — Part 3: Techniques for the management of IT security
4 ISO/IEC 13335-4:2000 Information technology — Guidelines for the management of IT Security — Part 4: Selection of safeguards
5 ISO 14001:2004 Environmental management systems — Requirements with guidance for use
6 ISO/IEC TR 18044:2004 Information technology — Security techniques — Information security incident management
7 ISO 19011:2002 Guidelines for quality and/or environmental management systems auditing
8 ISO/IEC Guide 62:1996 General requirements for bodies operating assessment and certification/ registration of quality systems
9 ISO/IEC Guide 73:2002 Risk management — Vocabulary — Guidelines for use in standards.
1 OECD, Guidelines for the Security of Information Systems and Networks — Towards a Culture of Security. Paris: OECD, July 2002. www.oecd.org
2 NIST SP 800-30, Risk Management Guide for Information Technology Systems
3 Deming W.E., Out of the Crisis, Cambridge, Mass: MIT, Center for Advanced Engineering Study, 1986