HANOI 2009
Foreword
1 Scope
This standard is broadly applicable to many types of organization (for example: commercial enterprises, government agencies, non-profit organizations). It specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system (ISMS) to ensure information security against the risks that may affect the organization's activities. It also specifies the requirements for implementing security controls selected to suit the needs of the organization or of parts of the organization.
The ISMS is designed to provide appropriate and adequate information security controls that protect information assets and give confidence to interested parties such as partners and customers.
The requirements set out in this standard are generic and are intended to be widely applicable to many different types of organization. Clauses 4, 5, 6, 7 and 8 of the standard are mandatory if an organization claims conformity with this standard; any exclusion of controls, where needed to satisfy risk acceptance criteria, must be justified, with evidence that the associated risks have been accepted by accountable persons.
2 Normative references
ISO/IEC 17799:2005, Information technology - Security techniques - Code of practice for information security management.
3 Terms and definitions
This standard uses the following terms and definitions:
3.1
Asset
Anything that has value to the organization.
3.2