Deliverables
《企業信息安全風險評估報告》
Enterprise information security risk assessment report
《企業業務數據庫風險評估報告》
Enterprise business database risk assessment report
Reference standard
《信息技術 安全技術 信息安全管理實施指南》(ISO/IEC 27002:2013)
Implementation Guide for information technology security management (ISO / IEC 27002:2013)
《信息安全技術 信息系統安全等級保護基本要求》(GB/T 22239-2008)
Information security technology - basic requirements for security level protection of information systems (GB / T 22239-2008)
《信息安全技術 信息安全風險管理指南》(GB/Z 24364-2009)
Information security technology - Guidelines for information security risk management (GB / Z 24364-2009)
《信息安全技術 信息安全風險評估規範》(GB/T 20984-2007)
Information security technology - Code for information security risk assessment (GB / T 20984-2007)
《信息安全技術 信息安全風險評估實施指南》(GB/T 31509-2015)
Information security technology - Guidelines for the implementation of information security risk assessment (GB / T 31509-2015)
《NIST-SP800-30 Guide for Conducting Risk Assessments風險評估指南》
Nist-sp800-30 guide for conducting risk assessments
《NIST-SP800-26 Security Self-Assessment Guide for Information Technology Systems》
《NIST-SP800-26 Security Self-Assessment Guide for Information Technology Systems》
(NIST-SP800 信息技術系統安全自我評估指南)
(nist-sp800 information technology system security Self Assessment Guide)
《信息安全技術 信息安全事(shì)件管理指南》(GB/T 20985-2007)
Information security technology - Guidelines for information security incident management (GB / T 20985-2007)