ISO/IEC 24762-2008 信息技术.安全技术.信息和通信技术故障恢复服务指南
作者:标准资料网
时间:2024-03-29 20:45:22
浏览:8798
来源:标准资料网
下载地址: 点击此处下载
【英文标准名称】:Informationtechnology-Securitytechniques-Guidelinesforinformationandcommunicationstechnologydisasterrecoveryservices
【原文标准名称】:信息技术.安全技术.信息和通信技术故障恢复服务指南
【标准号】:ISO/IEC24762-2008
【标准状态】:现行
【国别】:国际
【发布日期】:2008-02
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1/SC27
【标准类型】:()
【标准水平】:()
【中文主题词】:通信技术;数据处理;数据保护;数据安全;定义;灾害;应急的;指导手册;信息交流;信息交换;信息安全;信息技术;安全工程;安全系统;服务设施
【英文主题词】:Communicationtechnology;Dataprocessing;Dataprotection;Datasecurity;Definitions;Disasters;Emergency;Guidebooks;Informationexchange;Informationinterchange;Informationsecurity;Informationtechnology;Safetyengineering;Safetysystems;Services
【摘要】:1.1GeneralThisInternationalStandarddescribesthebasicpracticeswhichICTDRserviceproviders,bothin-houseandoutsourced,shouldconsider.Itcoverstherequirementsthatserviceprovidersshouldmeet,recognizingthatindividualorganizationsmayhaveadditionalrequirementsthatarespecifictothem(whichwouldhavetobeaddressedintheagreements/contractswithserviceproviders).Examplesofsuchorganizationrequirementsmayincludespecialencryptionsoftwareandsecuredoperationprocedures,equipment,knowledgeablepersonnelandapplicationdocumentation.Suchadditionalorganizationspecificrequirements,ifnecessary,aregenerallynegotiatedonacase-by-casebasisandarethesubjectofdetailedcontractnegotiationsbetweenorganizationsandtheirICTDRserviceprovidersandarenotwithinthescopeofthisInternationalStandard.1.2ExclusionsThisInternationalStandarddoesnot:a)provideanyguidanceonbusinesscontinuitymanagementasawholefororganizations;b)takeprecedenceoveranylawsandregulations,bothexistingandthoseinthefuture;c)haveanylegalpowerovertheServiceLevelAgreements(SLAs)includedinnegotiatedcontractsbetweenorganizationsandserviceproviders;d)addressrequirements,legalorotherwise,governingnormalbusinessoperationstobeadheredtobyserviceproviders.Examplesofsuchrequirementsincludedetailedregulationscoveringbuildingandfiresafety,occupationalhealthandsafety,copyrightregulationandprevailinghumanresourcepractices;e)provideanexhaustivelist,andthustechnicalsecuritycontrolsarenotcovered.ReadersshouldrefertoISO/IEC27001andISO/IEC27002,vendorliteratureandothertechnicalreferences,asnecessary.1.3AudienceThisInternationalStandardappliesto:a)allorganizationsrequiringtheICTDRservicesaspartoftheirbusiness(whetherin-houseand/oroutsourced);b)ICTDRserviceprovidersintheirprovisionofICTDRservices;c)communitiesoforganizationswithreciprocalormutualarrangements.
【中国标准分类号】:L70
【国际标准分类号】:35_040
【页数】:67P;A4
【正文语种】:英语
【原文标准名称】:信息技术.安全技术.信息和通信技术故障恢复服务指南
【标准号】:ISO/IEC24762-2008
【标准状态】:现行
【国别】:国际
【发布日期】:2008-02
【实施或试行日期】:
【发布单位】:国际标准化组织(IX-ISO)
【起草单位】:ISO/IECJTC1/SC27
【标准类型】:()
【标准水平】:()
【中文主题词】:通信技术;数据处理;数据保护;数据安全;定义;灾害;应急的;指导手册;信息交流;信息交换;信息安全;信息技术;安全工程;安全系统;服务设施
【英文主题词】:Communicationtechnology;Dataprocessing;Dataprotection;Datasecurity;Definitions;Disasters;Emergency;Guidebooks;Informationexchange;Informationinterchange;Informationsecurity;Informationtechnology;Safetyengineering;Safetysystems;Services
【摘要】:1.1GeneralThisInternationalStandarddescribesthebasicpracticeswhichICTDRserviceproviders,bothin-houseandoutsourced,shouldconsider.Itcoverstherequirementsthatserviceprovidersshouldmeet,recognizingthatindividualorganizationsmayhaveadditionalrequirementsthatarespecifictothem(whichwouldhavetobeaddressedintheagreements/contractswithserviceproviders).Examplesofsuchorganizationrequirementsmayincludespecialencryptionsoftwareandsecuredoperationprocedures,equipment,knowledgeablepersonnelandapplicationdocumentation.Suchadditionalorganizationspecificrequirements,ifnecessary,aregenerallynegotiatedonacase-by-casebasisandarethesubjectofdetailedcontractnegotiationsbetweenorganizationsandtheirICTDRserviceprovidersandarenotwithinthescopeofthisInternationalStandard.1.2ExclusionsThisInternationalStandarddoesnot:a)provideanyguidanceonbusinesscontinuitymanagementasawholefororganizations;b)takeprecedenceoveranylawsandregulations,bothexistingandthoseinthefuture;c)haveanylegalpowerovertheServiceLevelAgreements(SLAs)includedinnegotiatedcontractsbetweenorganizationsandserviceproviders;d)addressrequirements,legalorotherwise,governingnormalbusinessoperationstobeadheredtobyserviceproviders.Examplesofsuchrequirementsincludedetailedregulationscoveringbuildingandfiresafety,occupationalhealthandsafety,copyrightregulationandprevailinghumanresourcepractices;e)provideanexhaustivelist,andthustechnicalsecuritycontrolsarenotcovered.ReadersshouldrefertoISO/IEC27001andISO/IEC27002,vendorliteratureandothertechnicalreferences,asnecessary.1.3AudienceThisInternationalStandardappliesto:a)allorganizationsrequiringtheICTDRservicesaspartoftheirbusiness(whetherin-houseand/oroutsourced);b)ICTDRserviceprovidersintheirprovisionofICTDRservices;c)communitiesoforganizationswithreciprocalormutualarrangements.
【中国标准分类号】:L70
【国际标准分类号】:35_040
【页数】:67P;A4
【正文语种】:英语
下载地址:
点击此处下载