|
US$669.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 24363-2009: Information security technology -- Specifications of emergency response plan for information security
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 24363-2009 | English | 669 |
Add to Cart
|
5 days [Need to translate]
|
Information security technology -- Specifications of emergency response plan for information security
| Valid |
GB/T 24363-2009
|
PDF similar to GB/T 24363-2009
Basic data | Standard ID | GB/T 24363-2009 (GB/T24363-2009) | | Description (Translated English) | Information security technology -- Specifications of emergency response plan for information security | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.040 | | Word Count Estimation | 29,256 | | Date of Issue | 2009-09-30 | | Date of Implementation | 2009-12-01 | | Quoted Standard | GB/T 20984-2007; GB/Z 20985-2007; GB/Z 20986-2007; GB/T 20988-2007; GB/T 22239-2008; GB/T 22240-2008 | | Regulation (derived from) | Announcement of Newly Approved National Standards No. 10 of 2009 (No. 150 overall) | | Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China | | Summary | This standard specifies the preparation of information security emergency response plan preparation, establishing information security emergency response plan document the basic elements of the content requirements and format specifications. This standard applies to the entire organization, including the organization of the sector and the organization's information systems (including network) surface layers of information security emergency response plan. | GB/T 24363-2009: Information security technology -- Specifications of emergency response plan for information security
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. Specifications of emergency response plan for information security
ICS 35.040
L80
National Standards of People's Republic of China
Information Security Technology
Information Security Emergency Response Program Guidelines
Posted 2009-09-30
2009-12-01 implementation
Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
Standardization Administration of China released
Table of Contents
Introduction Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms and definitions
4 Abbreviations 2
Preparation of emergency response plans prepared 5 2
5.1 Risk Assessment 2
5.2 Business Impact Analysis 2
5.3 to develop emergency response strategies 3
6 preparation of emergency response plans Document 3
6.1 Overview 3
6.2 General 4
6.3 Roles and Responsibilities 4
6.4 Prevention and early warning mechanisms 5
6.5 Emergency Response Scheme 5
6.6 Emergency Response safeguards 7
Then negative impact. Therefore, to reduce the impact of information security incidents to the organization and business should develop effective information security emergency response count
Planning, and formed plans.
Development of information security emergency response plan is a cycle, continuous improvement process, comprising the following stages.
Preparation prepared a) emergency response plans;
b) the preparation of emergency response planning documents;
c) test emergency response plans, training, exercises and maintenance.
Information Security Technology
Information Security Emergency Response Program Guidelines
1 Scope
This standard specifies the preparation of the information security emergency response plan preparation, established the basic information security and emergency response plan document
Elements, content requirements and format specifications.
This standard applies to include the entire organization, organization of information systems departments and organizations (including networks) surface layers of information
Safety emergency response plans.
This standard is responsible for developing and maintaining information security and emergency response plans provide guidance.
2 Normative references
The following documents contain provisions which, through reference in this standard and become the standard terms. For dated references, subsequent
Amendments (not including errata content) or revisions do not apply to this standard, however, encourage the parties to the agreement are based on research
Whether the latest versions of these documents. For undated reference documents, the latest versions apply to this standard.
GB/T 20984-2007 Information Security techniques - Information security risk assessment specification
GB /Z20985-2007 IT Security techniques - Information security incident management guide
GB /Z20986-2007 Information Security techniques - Information security incident classification and grading guide
GB/T 20988-2007 Information security technology information system disaster recovery norms
GB/T 22239-2008 Information security technology information system security protection essential requirements
GB/T 22240-2008 Information security technology information system security protection rating guide
3 Terms and Definitions
The following terms and definitions apply to this standard.
3.1
Computer and related and ancillary equipment, facilities (including network) constituted in accordance with certain objectives and rules of application information
Collecting, processing, storage, transmission, retrieval and processing of man-machine systems.
[GB /Z20986-2007]
3.2
Due to natural or man-made as well as the hardware and software itself defect or malfunction, cause harm to information systems, or occur in the information system
A negative impact on social events.
[GB /Z20986-2007]
3.3
Business functions and their associated information systems resources to analyze, evaluate the impact of specific information security events on a variety of business functions in the process.
3.4
In order to respond to emergencies/significant information security events ready to have done, and the measures taken after the event organization.
|