|
US$1499.00 · In stock
Delivery: <= 10 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 30271-2013: Information security technology -- Assessment criteria for information security service capability
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 30271-2013 | English | 1499 |
Add to Cart
|
10 days [Need to translate]
|
Information security technology -- Assessment criteria for information security service capability
| Valid |
GB/T 30271-2013
|
PDF similar to GB/T 30271-2013
Basic data | Standard ID | GB/T 30271-2013 (GB/T30271-2013) | | Description (Translated English) | Information security technology -- Assessment criteria for information security service capability | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.040 | | Word Count Estimation | 68,676 | | Quoted Standard | GB/T 20984-2007; GB/T 25069-2010; GB/T 30283 | | Regulation (derived from) | National Standards Bulletin 2013 No. 27 | | Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China | | Summary | This standard specifies the criteria for assessing service process model and information security service provider service capabilities. This standard applies to the ability of information security service providers to assess, but also for service provide | GB/T 30271-2013: Information security technology -- Assessment criteria for information security service capability
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. Assessment criteria for information security serviece capability
ICS 35.040
L80
National Standards of People's Republic of China
Information Security Technology
Information security services capability assessment guidelines
Issued on. 2013-12-31
2014-07-15 implementation
Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
Standardization Administration of China released
Table of Contents
Preface Ⅰ
Introduction Ⅱ
1 Scope 1
2 Normative references 1
3 Terms, Definitions and Abbreviations 1
3.1 Terms and definitions
3.2 Abbreviations 2
4 Overview 3
4.1 Information Security Services Process Overview 3
Principle 4 4.2 Capacity Evaluation
Information Security Services course 4 5
5.1 D01 organizational strategy 4
5.2 D02 Planning 15
5.3 D03 embodiment Delivery 31
5.4 D04 monitor support 39
5.5 D05 improved inspection 52
6 ability level information security services 57
6.1 Overview 57
6.2 Ability to perform basic Level 1 57
6.3 capability level 2 program tracking 57
6.4 capability level 3 well defined 58
Quantization control capability level 4 6.5 59
6.6 Continuous improvement capability level 5 59
7 Information Security Services Capacity Evaluation 60
References 62
Foreword
This standard was drafted in accordance with GB/T 1.1-2009 given rules.
This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points.
This standard drafting units. China Information Security Evaluation Center, Beijing Jiangnan Bo-Technology Co., Ltd., Beijing Zhongtian Information Technology Security
Services Limited.
The main drafters. Zhang Li, Tong Xin, Li Bin, class Xiaofang Wang Yan, Liu Zuokang, Ren Yubo, Shen Wu Xi.
Introduction
This standard is to provide information security services organizational capacity assessment, taking into account in the preparation process of the domestic environment and information security row
The actual situation of the industry, combined with the GB/T 20261-2006, ISO /IEC 20000-2011, COBIT4.1, NISTSP800 series
From international or regional standards.
Information Security Technology
Information security services capability assessment guidelines
1 Scope
This standard specifies the criteria to assess service process model and information security service provider service capabilities.
This standard applies to the ability of information security services provider to evaluate, but also for service providers to improve their capabilities
Provide guidance.
2 Normative references
The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein
Member. For undated references, the latest edition (including any amendments) applies to this document.
GB/T 20984-2007 Information Security Risk Assessment Specification
GB/T 25069-2010 Information security technology terms
GB/T 30283 Information Security techniques - Information security Services Classification
3 Terms, definitions and abbreviations
3.1 Terms and Definitions
GB/T 25069-2010 define the following terms and definitions apply to this document.
3.1.1
Ability level abilitylevel
The degree of improvement achieved in the process flow fields.
NOTE. The ability level is defined by the inner flow field of appropriate specific and general execution method.
3.1.2
Basic Practice basepractices
Systems engineering process should exist in nature, and only when all of these properties fully implemented, this process is available to meet the said domain
Claim.
Note. a process area from the basic practice (BP) components.
3.1.3
Capability Maturity Model capabilitymaturitymodel
Definition of the service or the development of relevant organizations during the various stages of development, implementation, control and improve the quality of modeling description.
Note. The model focused on improving organizational processes, including one or more of the essential elements of effective processes, and are described by a particular, immature processes to have group
Woven mature model proven processes to improve quality and efficiency.
3.1.4
Information Security Services informationsecurityservice
Organizations or individuals for various types of information security needs, the information service provider in accordance with a service agreement executed over security
Process or task.
Note. usually based on information security technology, products and management system, in the form of outsourcing, information provided by professional security personnel support and help.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 30271-2013_English be delivered?Answer: Upon your order, we will start to translate GB/T 30271-2013_English as soon as possible, and keep you informed of the progress. The lead time is typically 6 ~ 10 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 30271-2013_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 30271-2013_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|