JR/T 0072-2020 (JR/T 0072-2012) PDF English
Price & Delivery
US$2520.00 · In stock · Download in 9 secondsJR/T 0072-2012: Testing and evaluation guide for classified protection of information system of financial industry
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Obsolete
JR/T 0072: Historical versions
| Standard ID | USD | BUY PDF | Delivery | Standard Title (Description) | Status |
| JR/T 0072-2020 | 8039 | Add to Cart | 25 days | Testing and evaluation guidelines for classified protection of cybersecurity of financial industry | Valid |
| JR/T 0072-2012 | 2520 | Add to Cart | Auto, 9 seconds. | Testing and evaluation guide for classified protection of information system of financial industry | Obsolete |
Click to Preview this PDF
Similar standards
JR/T 0072-2012: Testing and evaluation guide for classified protection of information system of financial industry
---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/JRT0072-2012
JR ICS 03.060 A 11 INDUSTRY STANDARDS OF THE PEOPLE’S REPUBLIC OF CHINA Testing and Evaluation Guide for Classified Protection of Information System of Financial Industry Issued on: JULY 06, 2012 Implemented on: JULY 06, 2012 Issued by. THE PEOPLE'S BANK OF CHINA 3.No action is required - Full-copy of this standard will be automatically & immediately delivered to your EMAIL address in 0~60 minutes.
Table of Contents
Foreword... 6 Introduction... 7 1 Scope... 8 2 Normative references... 8 3 Overview... 9 3.1 Evaluation contents... 9 3.2 Evaluation object... 10 3.3 Evaluation index... 10 3.4 Evaluation method... 10 3.4.1 Field evaluation method... 11 3.4.2 Risk analysis method... 11 3.5 Class-evaluation risk... 12 3.5.1 Verification evaluation that impacts normal operation of system... 12 3.5.2 Tool evaluation that impacts normal operation of system... 12 3.5.3 Sensitive information leakage... 12 4 Class-evaluation process... 12 4.1 Evaluation preparation... 12 4.2 Program preparation... 13 4.3 Field evaluation activity... 13 4.4 Analysis and report preparation activity... 13 5 Evaluation preparation... 13 5.1 Project initiation... 13 5.2 Information collection and analysis... 14 5.3 Tools and forms preparation... 14 6 Evaluation program... 14 6.1 Determination of evaluation object... 14 6.2 Determination of evaluation indexes... 15 6.2.1 Types of security control indicators of second-level information system... 16 6.2.2 Types of security control indicators of third-level information system. ... 16 6.2.3 Types of security control indicators of fourth-level information system... 17 6.3 Determination of evaluation tool’s access-point... 17 6.4 Determination of unit-evaluation content... 18 6.5 Evaluation program preparation... 18 7 Field evaluation... 19 7.1 Unit-evaluation... 19 7.1.1 Unit-evaluation for second-level information system... 19 7.1.1.1 Security technology evaluation... 19 7.1.1.1.1 Physical security... 19 7.1.1.1.2 Network security... 30 7.1.1.1.3 Host security... 37 7.1.1.1.4 Application security... 45 7.1.1.1.5 Data security and backup recovery... 53 7.1.1.2 Security management evaluation... 57 7.1.1.2.1 Security management system... 57 7.1.1.2.2 Security management institution... 60 7.1.1.2.3 Personnel security management... 65 7.1.1.2.4 System construction management... 70 7.1.1.2.5 System operation-maintenance management... 80 7.1.2 Unit-evaluation for third-level information system... 97 7.1.2.1 Security technology evaluation... 97 7.1.2.1.1 Physical security... 97 7.1.2.1.2 Network security... 113 7.1.2.1.3 Host security... 123 7.1.2.1.4 Application security... 136 7.1.2.1.5 Data security and backup recovery... 148 7.1.2.2 Security management evaluation... 153 7.1.2.2.1 Security management system... 153 7.1.2.2.2 Security management mechanism... 156 7.1.2.2.3 Personnel security management... 165 7.1.2.2.4 System construction management... 171 7.1.2.2.5 System operation management... 186 7.1.3 Unit-evaluation for fourth-level information system... 210 7.1.3.1 Security technology evaluation... 210 7.1.3.1.1 Physical security... 210 7.1.3.1.2 Network security... 228 7.1.3.1.3 Host security... 240 7.1.3.1.4 Application security... 254 7.1.1.1.5 Data security and backup recovery... 268 7.1.3.2 Security management evaluation... 274 7.1.3.2.1 Security management system... 274 7.1.3.2.2 Security management institution... 278 7.1.3.2.3 Staff security management... 287 7.1.3.2.4 System construction management... 294 7.1.3.2.5 System operation and maintenance management... 310 7.2 Overall evaluation... 338 7.2.1 Evaluation among security control points... 338 7.2.2 Inter-levels security evaluation... 339 7.2.3 Inter-areas security evaluation... 340 7.2.4 System structure security evaluation... 341 8 Analysis and report preparation... 342 8.1 Result judgment of unit-evaluation... ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.
