ISO27001-2013 English Version Download: Information Security Management System Requirements
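ISO/IEC 27001:2013, Information Security Management System Requirements, is the latest edition (2013). China has identically adopted it as the national standard GB/T 22080; the national standard has so far been updated only to the 2008 edition.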
Contents
Foreword
0 Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Context of the organization
4.1 Understanding the organization and its context
4.2 Understanding the needs and expectations of interested parties
4.3 Determining the scope of the information security management system
4.4 Information security management system
5 Leadership
5.1 Leadership and commitment
5.2 Policy
5.3 Organizational roles, responsibilities and authorities
6 Planning
6.1 Actions to address risks and opportunities
6.2 Information security objectives and planning to achieve them
7 Support
7.1 Resources
7.2 Competence
7.3 Awareness
7.4 Communication
7.5 Documented information
8 Operation
8.1 Operational planning and control
8.2 Information security risk assessment
8.3 Information security risk treatment
9 Performance evaluation
9.1 Monitoring, measurement, analysis and evaluation
9.2 Internal audit
9.3 Management review
10 Improvement
10.1 Nonconformity and corrective action
10.2 Continual improvement
Annex A (normative) Reference control objectives and controls
Bibliography