ISO IEC 27036-1-2021.docx

上传人:p** 文档编号:1266540 上传时间:2024-12-27 格式:DOCX 页数:16 大小:39.13KB
下载 相关 举报
ISO IEC 27036-1-2021.docx_第1页
第1页 / 共16页
ISO IEC 27036-1-2021.docx_第2页
第2页 / 共16页
ISO IEC 27036-1-2021.docx_第3页
第3页 / 共16页
ISO IEC 27036-1-2021.docx_第4页
第4页 / 共16页
ISO IEC 27036-1-2021.docx_第5页
第5页 / 共16页
ISO IEC 27036-1-2021.docx_第6页
第6页 / 共16页
ISO IEC 27036-1-2021.docx_第7页
第7页 / 共16页
ISO IEC 27036-1-2021.docx_第8页
第8页 / 共16页
ISO IEC 27036-1-2021.docx_第9页
第9页 / 共16页
ISO IEC 27036-1-2021.docx_第10页
第10页 / 共16页
亲,该文档总共16页,到这儿已超出免费预览范围,如果喜欢就下载吧!
资源描述

《ISO IEC 27036-1-2021.docx》由会员分享,可在线阅读,更多相关《ISO IEC 27036-1-2021.docx(16页珍藏版)》请在第壹文秘上搜索。

1、INTERNATIONA1.STANDARDISO/IEC27036-1editionSecond2021-09CybersecuritySupp1.ierre1.ationships一iewandconceptsCybersecuriteRe1.ationsavecIefurnisseurPartie1:Aperugra1.etconceptsReferencenumberISO/IEC27036-1.:2021(E)CISO/IEC2021COPYRIGHTPROTECTEDDOCUMENTIS0/1EC2021M11chefivdi1.itedotherwise*ri快ChBxXniEX

2、1.msitRiDhmw;ItmiihrCoPwnR.pnttjuiionpostingontheinternetoranInunnu1.withoutpriorwrittenpermission.PermissioncanberequestedfromeitherISOatt1.addressbe1.oworISO*smemberhodyinthecountryofth?rrcucstcr.三cB1.andonnct8r,GenevaPhone:t41227490111辆jtc:用洲部砾o.orgPub1.ishedinSwitzer1.andContentsForewordivIntrod

3、uction.2 Scope3 Normativereferences4 Termsanddefinitions5 Sy1.nbOiSandabbreviatedterms.Prob1.emdefinitionandkeyconceptsMotivesforestab1.ishingsupp1.ierre1.ationshipsTyPeSofsupp1.ierre1.ationships3444S.2.1Supp1.ierre1.ationshipsforproducts5.2.3 ICTsupp1.ychain5.2.4 C1.oudcomputing.4用为nit能那躺曲醺ity融版ier

4、ii三8hip国赤那蝌梅threats6551C*SUPP1.yChainOOnSIde1.9Overa1.1.1S0/IEC27036structureandoverview106.1 Purposeandstructure106.2 OvemewofISO/IEC27036-1:Overviewandconcepts106.3 OverviewofISO/IEC27036-2:Requirements-106.4 Guide1.inesforinformationandcommunicationtechno1.ogy(ICT)supp1.ychainsecurity116.5 Overvi

5、ewofISO/IEC27036-4:Guide1.inesforsecurityofc1.oudservices11Bib1.iography一MaMmuaa_MMMMMBMM“一12ForewordISO(theInternationa1.OrganizationforStandardization)andIEC(theInternationa1.E1.ectrotechnica1.GwnibcrsOfiJSOrm1.H65pactHd(S那而UAWHoPWWfcf1.otMandamdgion.StNnderddtghtechniMbcommitteesestab1.ishedbythe

6、respectiveorganizationtodea1.withparticu1.arfie1.dsoftechnica1.activity.ISOandIECmitteesco1.1.aborateinfie1.dsofmutua1.interestOtherinternationa1.W仞恋胡用rg胭Fftf*VH电热RMift由温搐版就Sheda掂瓜/r?J1.w1.ee,1SOIECTC1.Internationa1.Standardsaredraftedinaccordancewiththeru1.esgivenintheISO/IECDirectives,Part2.Tmitte

7、eistoprepareInternationa1.Standards.DraftInternationa1.Smitteearecircu1.atedtonationa1.bodiesforvoting.PfjMtionv,anInternationa1.Standardrequiresapprova1.byat1.east75%ofthenationa1.bodiesAttentionisdrawntothepossibi1.itythatsomeofthee1.ementsofthisdocumentmaybethesubjectofpatentrights.ISOandIECsha1.

8、1.notbehe1.dresponsib1.eforidentifyinganyora1.1.suchpatentrights.ISO/IEC27036-1waspreparedbyJointTechnica1.CommitteeISO/IECJTC1,Informationtechno1.ogy.SubcommitteeSC27.Informationsecurity,cybersecurity,andphvac),protection.3(SKeMUt!i!)iW1.ft1.ft.andrep1.acesthefirstedition(ISO/IEC27036-1:2014),ofwhi

9、chthisThemainchangescomparedtothepreriouseditionareasfo1.1.ows: changeoftit1.e; revisionofC1.ause2; a1.ignmentwithdraftingru1.es; ISO/IEC27036(a1.1.parts)addedinBib1.iography.A1.istofa1.1.partsintheISO/IEC27036seriescanbefoundontheISOwebsiteIntroductionre1.ationshipswithsupp1.iersofdifferentkindstha

10、tde1.iverproductsorservices.informationoftheinformationwhenprocessing.controbkquirersmonitorProdUaionPhySiCa1.deIiVeryIogiCa1.PrOCeSSeStotheThUs,acquirerstreatedsupp1.ierscanacquirerinformationorganizationsthroughappropriatemanagementeffective1.y1.nternationa1.informationsecurityinherentmanagingre1.

11、ationships.re1.ationshipsinordertosupp1.ierre1.ationshipsthataredescribedasgenera1.recommendationsin1SOIEC27002.consu1.tingsoftware,p1.atform,infrastructureoutsourcedapp1.ications(ASPs),orc1.oudcomputingservicesexpectedre1.ationshipadequate1.yrequirementstheandinformationsecuritydocument.Furthermore

12、,processesobjectives.supportintermsofinformationsecurityaswe1.1.astheaccomp1.ishmentof/IEC2021-A1.1.nghtsreservedMost(ifnota1.1.)organizationsaroundthewor1.d,whatevertheirsizeordomainsofactivities,haveSuchsupp1.ierscanhaveeitheradirectorindirectaccesstotheinformationandinformationsystemsoftheacquire

13、r,orwi1.1.providee1.ements(software,hardware,processes,orhumanresources)thatwi1.1.beinvo1.vedinsupp1.iertheyorcana1.sohaveandandaccessofsupp1.ier.beassessedandandbybothcauseandsupp1.iersecurityriskseachother.Theserisksneedtoofinformationsecurityandtheimp1.ementationofre1.evantcontro1.s.Inmanyinstanc

14、es,organizationshaveadoptedISO/IEC27001andISO1EC27002forthemanagementoftheirinformationsecurity.Suchcontro1.theStandardsshou1.da1.soHerisksadoptedthosesupp1.ierThisdocumentprovidesfurtherdetai1.edimp1.ementationguidanceonthecontro1.sdea1.ingWithvSupp1.ierre1.ationshipsinthecontextofthisdocumentinc1.

15、udeanysupp1.ierre1.ationshipthatcanhaveinformationsecurityimp1.ications,e.g.informationtechno1.ogy,hea1.thcareServicesJanitoriaIservices.(suchasservices,R&DOrpartnerships,asaservice).Boththesupp1.ierandacquirershou1.dtakeresponsibi1.ityforachievingtheobjectivesinthesupp1.ier-isacquirertheyandimp1.ementtheaddressingguide1.inesofthisrisksthatCanoccur.It

展开阅读全文
相关资源
猜你喜欢
相关搜索

当前位置:首页 > 行业资料 > 国内外标准规范

copyright@ 2008-2023 1wenmi网站版权所有

经营许可证编号:宁ICP备2022001189号-1

本站为文档C2C交易模式,即用户上传的文档直接被用户下载,本站只是中间服务平台,本站所有文档下载所得的收益归上传人(含作者)所有。第壹文秘仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。若文档所含内容侵犯了您的版权或隐私,请立即通知第壹文秘网,我们立即给予删除!