This standard provides guidance for information security risk management. This standard supports the general concepts stipulated in GB/T 22080, and aims to provide assistance for the compliance with the requirements of information security based on risk management methods. Knowing the concepts, models, processes and terms described in GB/T 22080 and GB/T 22081 is important for a complete understanding of this standard. This International Standard is applicable to various types of organizations (eg, commercial enterprises, government agencies, not-for-profit organizations) that wish to manage risks that may compromise the security of their information.
GB/T 31722-2015 Referenced Document
GB/T 22080-2008 Information technology.Security techniques.Information security management systems.Requirements
GB/T 22081-2008 Information technology.Security techniques.Code of practice for information security management
GB/T 31722-2015 history
2015GB/T 31722-2015 Information technology.Security techniques.Information security risk management