ISO/IEC 27002:2022 《Information security, cybersecurity and privacy protection — Information security controls》 (《信息安全、网络安全和隐私保护-信息安全控制》)发布,为组织信息安全标准提供指导,并为信息安全管理提供最佳实践。它考虑了一个企业独特的信息安全风险环境,通过关注组织的选择、实施和管理的安全控制。适用于任何有信息安全及期望通用信息安全控制实现最佳实践的组织。
This document provides a reference set of generic information security controls including implementation guidance. This document is designed to be used by organizations:
a) within the context of an information security management system (ISMS) based on ISO/IEC27001;
b) for implementing information security controls based on internationally recognized best practices;
c) for developing organization-specific information security management guidelines.
发表于 2022-3-4 23:08:09
发表于 2022-3-5 08:05:03
发表于 2022-3-5 08:06:16
