GB/T 30271-2013 English PDFUS$1499.00 · In stock
Delivery: <= 10 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 30271-2013: Information security technology -- Assessment criteria for information security service capability Status: Valid
Basic dataStandard ID: GB/T 30271-2013 (GB/T30271-2013)Description (Translated English): Information security technology -- Assessment criteria for information security service capability Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 68,676 Quoted Standard: GB/T 20984-2007; GB/T 25069-2010; GB/T 30283 Regulation (derived from): National Standards Bulletin 2013 No. 27 Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China Summary: This standard specifies the criteria for assessing service process model and information security service provider service capabilities. This standard applies to the ability of information security service providers to assess, but also for service provide GB/T 30271-2013: Information security technology -- Assessment criteria for information security service capability---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology. Assessment criteria for information security serviece capability ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Information security services capability assessment guidelines Issued on. 2013-12-31 2014-07-15 implementation Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China Standardization Administration of China released Table of ContentsPreface Ⅰ Introduction Ⅱ 1 Scope 1 2 Normative references 1 3 Terms, Definitions and Abbreviations 1 3.1 Terms and definitions 3.2 Abbreviations 2 4 Overview 3 4.1 Information Security Services Process Overview 3 Principle 4 4.2 Capacity Evaluation Information Security Services course 4 5 5.1 D01 organizational strategy 4 5.2 D02 Planning 15 5.3 D03 embodiment Delivery 31 5.4 D04 monitor support 39 5.5 D05 improved inspection 52 6 ability level information security services 57 6.1 Overview 57 6.2 Ability to perform basic Level 1 57 6.3 capability level 2 program tracking 57 6.4 capability level 3 well defined 58 Quantization control capability level 4 6.5 59 6.6 Continuous improvement capability level 5 59 7 Information Security Services Capacity Evaluation 60 References 62ForewordThis standard was drafted in accordance with GB/T 1.1-2009 given rules. This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points. This standard drafting units. China Information Security Evaluation Center, Beijing Jiangnan Bo-Technology Co., Ltd., Beijing Zhongtian Information Technology Security Services Limited. The main drafters. Zhang Li, Tong Xin, Li Bin, class Xiaofang Wang Yan, Liu Zuokang, Ren Yubo, Shen Wu Xi.IntroductionThis standard is to provide information security services organizational capacity assessment, taking into account in the preparation process of the domestic environment and information security row The actual situation of the industry, combined with the GB/T 20261-2006, ISO /IEC 20000-2011, COBIT4.1, NISTSP800 series From international or regional standards. Information Security Technology Information security services capability assessment guidelines1 ScopeThis standard specifies the criteria to assess service process model and information security service provider service capabilities. This standard applies to the ability of information security services provider to evaluate, but also for service providers to improve their capabilities Provide guidance.2 Normative referencesThe following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. GB/T 20984-2007 Information Security Risk Assessment Specification GB/T 25069-2010 Information security technology terms GB/T 30283 Information Security techniques - Information security Services Classification 3 Terms, definitions and abbreviations 3.1 Terms and Definitions GB/T 25069-2010 define the following terms and definitions apply to this document. 3.1.1 Ability level abilitylevel The degree of improvement achieved in the process flow fields. NOTE. The ability level is defined by the inner flow field of appropriate specific and general execution method. 3.1.2 Basic Practice basepractices Systems engineering process should exist in nature, and only when all of these properties fully implemented, this process is available to meet the said domain Claim. Note. a process area from the basic practice (BP) components. 3.1.3 Capability Maturity Model capabilitymaturitymodel Definition of the service or the development of relevant organizations during the various stages of development, implementation, control and improve the quality of modeling description. Note. The model focused on improving organizational processes, including one or more of the essential elements of effective processes, and are described by a particular, immature processes to have group Woven mature model proven processes to improve quality and efficiency. 3.1.4 Information Security Services informationsecurityservice Organizations or individuals for various types of information security needs, the information service provider in accordance with a service agreement executed over security Process or task. Note. usually based on information security technology, products and management system, in the form of outsourcing, information provided by professional security personnel support and help. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 30271-2013_English be delivered?Answer: Upon your order, we will start to translate GB/T 30271-2013_English as soon as possible, and keep you informed of the progress. The lead time is typically 6 ~ 10 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 30271-2013_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 30271-2013_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
