|
US$589.00 · In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 31495.3-2015: Information security technology -- Indicator system of information security assurance and evaluation methods -- Part 3: Implementation guide
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 31495.3-2015 | English | 589 |
Add to Cart
|
5 days [Need to translate]
|
Information security technology -- Indicator system of information security assurance and evaluation methods -- Part 3: Implementation guide
| Valid |
GB/T 31495.3-2015
|
PDF similar to GB/T 31495.3-2015
Basic data | Standard ID | GB/T 31495.3-2015 (GB/T31495.3-2015) | | Description (Translated English) | Information security technology -- Indicator system of information security assurance and evaluation methods -- Part 3: Implementation guide | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.040 | | Word Count Estimation | 28,253 | | Date of Issue | 2015-05-15 | | Date of Implementation | 2016-01-01 | | Quoted Standard | GB/T 31495.1-2015; GB/T 31495.2-2015 | | Regulation (derived from) | National Standard Announcement 2015 No. 15 | | Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China | | Summary | This Standard specifies the Implementation Guide information security evaluation activities. This section applies to information security evaluation. | GB/T 31495.3-2015: Information security technology -- Indicator system of information security assurance and evaluation methods -- Part 3: Implementation guide
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
. Information security technology Indicator system of information security assurance and evaluation methods Part 3. Implementation guide
ICS 35.040
L80
National Standards of People's Republic of China
Information Security techniques - Information security Index System
And evaluation method
Part 3. Implementation Guide
Part 3. Implementationguide
Issued on. 2015-05-15
2016-01-01 implementation
Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
Standardization Administration of China released
Table of Contents
Introduction Ⅲ
Introduction Ⅳ
1 Scope 1
2 Normative references 1
3 Terms and definitions
Overview 4 1
4.1 Evaluation of the effect of 1
4.2 Evaluation of the implementation of activities subject 1
4.3 may have problems and risks 1
Implementation evaluation activities 2 4.4
5 Stars 2 ready
5.1 Evaluation of preparatory activities Workflow 2
The main task of the preparatory activities 5.2 Evaluation 3
5.3 Evaluation of preparatory activities Document 4
Roles and Responsibilities 5.4 Evaluation of preparatory activities 4
6 programming 4
6.1 programming activities workflow 4
6.2 The main task of programming activities 5
Documentation 6.3 programming activities 7
Roles and responsibilities 6.4 programming activities 7
7 8 Data Acquisition
7.1 Data collection activities workflow 8
The main task of data collection activities 8 7.2
Documentation 7.3 Data Collection Activities 9
Roles and responsibilities 7.4 Data collection activities 9
8 Data Analysis 10
8.1 Data analysis activities Workflow 10
The main task of data analysis activities 10 8.2
8.3 Data analysis Active Document 14
Roles and Responsibilities 8.4 Analysis activities 14
Preparation of reports 159
9.1 reporting activities Workflow 15
The main task of reporting activities 15 9.2
Documentation 9.3 reporting activities 15
Roles and responsibilities 9.4 reporting activities 16
(Normative) information security evaluation requirements 17 Appendix A
Annex B (informative) Data Collection 18
Annex C (informative) Index Weight distribution 19
Annex D (informative) Index synthesis 21
References 22
Foreword
GB/T 31495 "Information Security Information Security System Evaluation Index" is divided into the following three parts.
--- Part 1. Concepts and models;
--- Part 2. Index System;
--- Part 3. Implementation Guide.
This section GB/T Part of 331,495.
This section drafted in accordance with GB/T 1.1-2009 given rules.
Please note that some of the content of this document may involve patents. Release mechanism of the present document does not assume responsibility for the identification of these patents.
This part of the National Security Standardization Technical Committee (SAC/TC260) and focal points.
This section is drafted. State Information Center, the State Press and Publication Administration of Radio Supervision Center, China Information Security Evaluation Center, China Electric
Holdings, China Mobile Communications Group, Dalian University of Technology, the National Energy Administration Information Center, Jiangsu Information Center, China Civil Aviation University of China
Electric Power Research Institute.
The main drafters of this section. Dequan, LU Xin, Wang Xianlei, Wang Changsheng, Guo Yanqing, Yang full moon, Lishou Peng, Lv Hanyang, Du Wei, Xiao Ying,
Mo Zhang Nan, Luo Cheng, Wu Zhijun, a Young Man, Xie Donghui, Cheng Lu, Hong Hu liter, Sun Xiaohong, Xu Hao, Zhou Chi, Chen Min, the Lei Jin, Fan Hui, Kunlun high,
Li Peng, Li Hui.
Introduction
GB/T 31495 in accordance with relevant national requirements for information security work, the proposed information security concepts and model evaluation
Index System and Implementation Guide.
GB/T 31495 consists of three parts. Part 1 describes the various parts of this standard on the basis of universal concepts, gives information security protection
Concepts and models impaired and information security evaluation model gives a measure of indicators; Part 2 is given in the first part of the model guidance
The information security system and process indicators measure; Part 3 gives information security evaluation should follow to implement the
Requirements, processes and methods.
GB/T 31495 is mainly used for. information security posture government departments judgment and macro support decision-making;-based information network
Information security management and network management of critical information systems departments and operating units to provide support.
Information Security techniques - Information security Index System
And evaluation method
Part 3. Implementation Guide
1 Scope
GB/T 31495 provisions of this part of the Implementation Guide for information security evaluation activities.
This section applies to information security evaluation.
2 Normative references
The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein
Member. For undated references, the latest edition (including any amendments) applies to this document.
GB/T 31495.1-2015 Information Security techniques - Information security system and evaluation method - Part 1. Concepts and
model
GB/T 31495.2-2015 Information Security techniques - Information security index system and methods - Part 2. Index System
3 Terms and Definitions
Terms and definitions GB/T 31495.1-2015 and GB/T 31495.2-2015 defined in this document apply.
4 Overview
4.1 Evaluation of the action
To reflect the information security situation, according to the index system of information security construction, operational capabilities and security situation into
Line a comprehensive evaluation results provide support for decision-making and information security management.
4.2 Evaluation of the implementation of activities subject
Implementation of the main evaluation activities may be information security authorities, it can also be a third-party research and consulting firm. Perform evaluation activities
Body according to the actual needs of information security evaluation, the evaluation team set up and carry out evaluation activities.
4.3 may have problems and risks
Prior to the implementation of the specific evaluation activities, evaluation activities need to carefully analyze the potential risk and responsibility before the relevant evaluation activities
Parties necessary notification.
Problems of information security evaluation activities might encounter include, but are not limited to.
a) information disclosure.
Evaluation activities may result in disclosure of sensitive information. Evaluation of the required raw data, and these data after the regular shape
A document may contain sensitive information, disclosure will once data owner or responsible party affected.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 31495.3-2015_English be delivered?Answer: Upon your order, we will start to translate GB/T 31495.3-2015_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 31495.3-2015_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 31495.3-2015_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|