CAN/CSA-ISO/IEC 27035-3-2021
信息技术 信息安全事件管理 第3部分:ICT 事件响应操作指南(采用 ISO/IEC 27035-3:2020 第一版 2020-09)

Information technology - Information security incident management - Part 3: Guidelines for ICT incident response operations (Adopted ISO/IEC 27035-3:2020, first edition, 2020-09)


 

 

非常抱歉,我们暂时无法提供预览,您可以试试: 免费下载 CAN/CSA-ISO/IEC 27035-3-2021 前三页,或者稍后再访问。

您也可以尝试购买此标准,
点击右侧 “立即购买” 按钮开始采购(由第三方提供)。

 

标准号
CAN/CSA-ISO/IEC 27035-3-2021
发布
2021年
发布单位
SCC
当前最新
CAN/CSA-ISO/IEC 27035-3-2021
 
 
适用范围
  Full Description Preface: Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the SCC Mirror Committee (SMC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T). At the time of publication, ISO/IEC 27035-3:2020 is available from ISO and IEC in English only. CSA Group will publish the French version when it becomes available from ISO and IEC. This Standard has been formally approved, without modification, by the Technical Committee and has been developed in compliance with Standards Council of Canada requirements for National Standards of Canada. It has been published as a National Standard of Canada by CSA Group. Scope: This document gives guidelines for information security incident response in ICT security operations. This document does this by firstly covering the operational aspects in ICT security operations from a people, processes and technology perspective. It then further focuses on information security incident response in ICT security operations including information security incident detection, reporting, triage, analysis, response, containment, eradication, recovery and conclusion. This document is not concerned with non-ICT incident response operations such as loss of paper-based documents. This document is based on the \"Detection and reporting\" phase, the \"Assessment and decision\" phase and the \"Responses\" phase of the \"Information security incident management phases\" model presented in ISO/IEC 27035-1:2016. The principles given in this document are generic and intended to be applicable to all organizations, regardless of type, size or nature. Organizations can adjust the provisions given in this document according to their type, size and nature of business in relation to the information security risk situation. This document is also applicable to external organizations providing information security incident management services.

CAN/CSA-ISO/IEC 27035-3-2021相似标准





Copyright ©2007-2022 ANTPEDIA, All Rights Reserved
京ICP备07018254号 京公网安备1101085018 电信与信息服务业务经营许可证:京ICP证110310号