HOME   Cart(0)   Quotation   About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189760 (18 Oct 2025)

JR/T 0072-2020 (JR/T 0072-2012) PDF English

US$2520.00 · In stock · Download in 9 seconds
JR/T 0072-2012: Testing and evaluation guide for classified protection of information system of financial industry
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Obsolete

JR/T 0072: Evolution and historical versions

Standard IDContents [version]USDSTEP2[PDF] deliveryName of Chinese StandardStatus
JR/T 0072-2020English8039 Add to Cart 25 days Testing and evaluation guidelines for classified protection of cybersecurity of financial industry Valid
JR/T 0072-2012English2520 Add to Cart 0-9 seconds. Auto-delivery Testing and evaluation guide for classified protection of information system of financial industry Obsolete

Excerpted PDFs (Download full copy in 9 seconds upon purchase)

PDF Preview: JR/T 0072-2012
      

Similar standards

GB/T 19584   GB/T 12406   JR/T 0067   

JR/T 0072-2012: Testing and evaluation guide for classified protection of information system of financial industry


---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/JRT0072-2012
JR ICS 03.060 A 11 INDUSTRY STANDARDS OF THE PEOPLE’S REPUBLIC OF CHINA Testing and Evaluation Guide for Classified Protection of Information System of Financial Industry Issued on: JULY 06, 2012 Implemented on: JULY 06, 2012 Issued by. THE PEOPLE'S BANK OF CHINA 3.No action is required - Full-copy of this standard will be automatically & immediately delivered to your EMAIL address in 0~60 minutes.

Table of Contents

Foreword... 6 Introduction... 7 1 Scope... 8 2 Normative references... 8 3 Overview... 9 3.1 Evaluation contents... 9 3.2 Evaluation object... 10 3.3 Evaluation index... 10 3.4 Evaluation method... 10 3.4.1 Field evaluation method... 11 3.4.2 Risk analysis method... 11 3.5 Class-evaluation risk... 12 3.5.1 Verification evaluation that impacts normal operation of system... 12 3.5.2 Tool evaluation that impacts normal operation of system... 12 3.5.3 Sensitive information leakage... 12 4 Class-evaluation process... 12 4.1 Evaluation preparation... 12 4.2 Program preparation... 13 4.3 Field evaluation activity... 13 4.4 Analysis and report preparation activity... 13 5 Evaluation preparation... 13 5.1 Project initiation... 13 5.2 Information collection and analysis... 14 5.3 Tools and forms preparation... 14 6 Evaluation program... 14 6.1 Determination of evaluation object... 14 6.2 Determination of evaluation indexes... 15 6.2.1 Types of security control indicators of second-level information system... 16 6.2.2 Types of security control indicators of third-level information system. ... 16 6.2.3 Types of security control indicators of fourth-level information system... 17 6.3 Determination of evaluation tool’s access-point... 17 6.4 Determination of unit-evaluation content... 18 6.5 Evaluation program preparation... 18 7 Field evaluation... 19 7.1 Unit-evaluation... 19 7.1.1 Unit-evaluation for second-level information system... 19 7.1.1.1 Security technology evaluation... 19 7.1.1.1.1 Physical security... 19 7.1.1.1.2 Network security... 30 7.1.1.1.3 Host security... 37 7.1.1.1.4 Application security... 45 7.1.1.1.5 Data security and backup recovery... 53 7.1.1.2 Security management evaluation... 57 7.1.1.2.1 Security management system... 57 7.1.1.2.2 Security management institution... 60 7.1.1.2.3 Personnel security management... 65 7.1.1.2.4 System construction management... 70 7.1.1.2.5 System operation-maintenance management... 80 7.1.2 Unit-evaluation for third-level information system... 97 7.1.2.1 Security technology evaluation... 97 7.1.2.1.1 Physical security... 97 7.1.2.1.2 Network security... 113 7.1.2.1.3 Host security... 123 7.1.2.1.4 Application security... 136 7.1.2.1.5 Data security and backup recovery... 148 7.1.2.2 Security management evaluation... 153 7.1.2.2.1 Security management system... 153 7.1.2.2.2 Security management mechanism... 156 7.1.2.2.3 Personnel security management... 165 7.1.2.2.4 System construction management... 171 7.1.2.2.5 System operation management... 186 7.1.3 Unit-evaluation for fourth-level information system... 210 7.1.3.1 Security technology evaluation... 210 7.1.3.1.1 Physical security... 210 7.1.3.1.2 Network security... 228 7.1.3.1.3 Host security... 240 7.1.3.1.4 Application security... 254 7.1.1.1.5 Data security and backup recovery... 268 7.1.3.2 Security management evaluation... 274 7.1.3.2.1 Security management system... 274 7.1.3.2.2 Security management institution... 278 7.1.3.2.3 Staff security management... 287 7.1.3.2.4 System construction management... 294 7.1.3.2.5 System operation and maintenance management... 310 7.2 Overall evaluation... 338 7.2.1 Evaluation among security control points... 338 7.2.2 Inter-levels security evaluation... 339 7.2.3 Inter-areas security evaluation... 340 7.2.4 System structure security evaluation... 341 8 Analysis and report preparation... 342 8.1 Result judgment of unit-evaluation... ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.