US$274.00 · In stock. Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 32923-2016: Information technology -- Security techniques -- Governance of information security. Status: Valid
      
    
  
	
		
| Standard ID | Contents [version] | USD | [PDF] delivered in | Standard Title (Description) | Status |
| GB/T 32923-2016 | English | 274 | 3 days [Need to translate] | Information technology -- Security techniques -- Governance of information security | Valid |
		 
	 
     
     
  
	 
    
   
    
     
          
  
  
    
Basic data
| Standard ID | GB/T 32923-2016 (GB/T32923-2016) |
| Description (Translated English) | Information technology -- Security techniques -- Governance of information security |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | L80 |
| Classification of International Standard | 35.040 |
| Word Count Estimation | 14,117 |
| Date of Issue | 2016-08-29 |
| Date of Implementation | 2017-03-01 |
| Regulation (derived from) | National Standard Announcement 2016 No.14 |
| Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China |
GB/T 32923-2016: Information technology -- Security techniques -- Governance of information security. This is a DRAFT version for illustration, not a final translation.
Information technology - Security techniques - Governance of information security
ICS 35.040
L80
National Standard of the People's Republic of China
Information technology -- Security techniques -- Governance of information security
(ISO/IEC 27014:2013, IDT)
Issued 2016-08-29
Implemented 2017-03-01
Issued by the General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China
and the China National Standardization Management Committee
Contents
Foreword
Introduction
1 Scope
2 Normative reference documents
3 Terms and definitions
4 Concept
4.1 General
4.2 Goal
4.3 Expected results
4.4 Relationships
5 Principles and processes
5.1 Overview
5.2 Principle
5.3 Process
Appendix A (informative) Information security status example
Appendix B (informative) Detailed information security status example
References
Foreword
This standard is drafted in accordance with the rules given in GB/T 1.1-2009.
This standard is identical, by translation, to ISO/IEC 27014:2013 "Information technology -- Security techniques -- Governance of information security".
Please note that some of the contents of this document may involve patents. The issuer of this document does not assume responsibility for the identification of these patents.
This standard is proposed by the National Information Security Standardization Technical Committee (SAC/TC260).
Drafting organizations of this standard: China Great Wall Internet System Application Co., Ltd., China Information Security Evaluation Center, China Electronic Technology Standardization Research Institute, China Information Security Research Institute Limited.
The main drafters of this standard: Min Jinghua, Zhang Xiaofei, Shangguan Xiaoli, Xu Yana, Li Bin, Luo Fengying, Wang Huiriang, Zuo Xiaodong, Zhou Yachao, Liu Heng, Zhang Xing, Li Gang, Chen Hongbo, Zhang Chunming, Zhang Jin, Liu Zuokang, Wang Yan, Wang Xinjie.
Introduction
This standard provides guidance on information security governance.
Information security has become a key issue for organizations. Not only are regulatory requirements increasing, but the failure of an organization's information security measures will also affect its reputation.
Therefore, it is increasingly necessary for the organization's governing body, as part of its governance responsibilities, to oversee information security to ensure that the organization's goals are achieved.
In addition, information security governance provides a strong link between the organization's governing body, executive management and the personnel responsible for implementing and operating the information security management system.
Information security governance provides an indispensable basis for promoting information security initiatives throughout the organization.
Furthermore, effective governance of information security ensures that the governing body receives reports on information security-related activities, framed in a business context, enabling adequate and timely decision-making on information security issues in support of the organization's strategic objectives.
Information technology -- Security techniques -- Governance of information security
1 Scope
This standard provides guidance on the concepts and principles of information security governance. Through this standard, an organization can evaluate, direct, monitor and communicate the information security-related activities within its scope.
This standard applies to all types and sizes of organizations.
2 Normative reference documents
The following documents are indispensable for the application of this document. For dated references, only the dated edition applies to this document. For undated references, the latest edition (including all modifications) applies to this document.
GB/T 29246-2012 Information technology -- Security techniques -- Information security management systems -- Overview and vocabulary (ISO/IEC 27000:2009, IDT)
3 Terms and definitions
The terms and definitions given in GB/T 29246-2012 and the following apply to this document.
3.1
Executive management
An individual or group of people who fulfill the intent of the organization and assume responsibility for the strategies and policies delegated by the organization's governing body.
Note 1: Executive management forms part of top management. To clarify roles, this standard distinguishes between two groups within top management: the governing body and executive management.
Note 2: Executive management may include the Chief Executive Officer (CEO), government agency leaders, Chief Financial Officer (CFO), Chief Operating Officer/Operations Director (COO), Chief Information Officer/Information Director (CIO), Chief Information Security Officer/Information Security Director (CISO) and similar roles.
3.2
Governing body
An individual or group of persons who are responsible for the performance and compliance of the organization.
Note: The governing body forms part of top management. To clarify roles, this standard distinguishes between two groups within top management: the governing body and executive management.
3.3
Governance of information security
The system by which an organization's information security activities are directed and controlled.
3.4
Stakeholder
Any person or organization that can affect, be affected by, or perceive themselves to be affected by the organization's activities.
Note: Decision makers can be stakeholders.
4 Concept
4.1 General
Information security governance requires that information security objectives and strategies be aligned with business objectives and strategies and that compliance with laws, regulations, regulations and
   
   
  
  
    