
TCVN

NATIONAL STANDARD

TCVN ISO/IEC 27001:2009
ISO/IEC 27001:2005
First edition

INFORMATION TECHNOLOGY - INFORMATION SECURITY MANAGEMENT SYSTEM - REQUIREMENTS

HANOI 2009



Contents
1 Scope
2 Normative references
3 Terms and definitions
4 Information security management system
4.1 General requirements
4.2 Establishing and managing the ISMS
4.2.1 Establishing the ISMS
4.2.2 Implementing and operating the ISMS
4.2.3 Monitoring and reviewing the ISMS
4.2.4 Maintaining and improving the ISMS
4.3 Documentation requirements
4.3.1 General
4.3.2 Control of documents
4.3.3 Control of records
5 Management responsibility
5.1 Management commitment
5.2 Resource management
5.2.1 Provision of resources
5.2.2 Training, awareness and competence
6 Internal ISMS audits
7 Management review of the ISMS
7.1 General
7.2 Review input
7.3 Review output
8 ISMS improvement
8.1 Continual improvement
8.2 Corrective action
8.3 Preventive action
Annex A (normative) Control objectives and controls
Annex B (informative) Process approach
Annex C (informative) Correspondence between ISO 9001:2000, ISO 14001:2004 and this standard
Bibliography


Foreword

TCVN ISO/IEC 27001:2009 is fully equivalent to ISO/IEC 27001:2005.

TCVN ISO/IEC 27001:2009 was drafted by the Vietnam Computer Emergency Response Center, proposed by the Ministry of Information and Communications, appraised by the Directorate for Standards, Metrology and Quality, and published by the Ministry of Science and Technology.

NATIONAL STANDARD

TCVN ISO/IEC 27001:2009

Information technology - Information security management system - Requirements

1 Scope
This standard applies broadly to many types of organization (e.g. commercial enterprises, government agencies, non-profit organizations). It specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving an information security management system (ISMS) to ensure information security against the risks that may arise in the organization's activities. It also specifies the requirements for implementing security controls selected to suit the needs of the organization or of parts of the organization.

The ISMS is designed with adequate and appropriate information security controls to protect information assets and to give confidence to interested parties such as partners and customers.

The requirements set out in this standard are generic and are intended to be applicable to many different types of organization. Clauses 4, 5, 6, 7 and 8 of the standard are mandatory if an organization claims conformity with this standard; any exclusion of controls found necessary to satisfy the risk acceptance criteria needs to be justified, with evidence that the associated risks have been accepted by accountable persons.

2 Normative references
ISO/IEC 17799:2005, Information technology - Security techniques - Code of practice for information security management.

3 Terms and definitions
This standard uses the following terms and definitions:
3.1
Asset
Anything that has value to the organization.
3.2