标准编号:ISO/IEC TS 27008:2019
中文名称:信息技术 安全技术 信息安全控制的评估指南
英文名称:Information technology — Security techniques — Guidelines for the assessment of information security controls
发布日期:2019-01
标准范围
This document provides guidance on reviewing and assessing the implementation and operation of
information security controls, including the technical assessment of information system controls, in
compliance with an organization's established information security requirements including technical
compliance against assessment criteria based on the information security requirements established by
the organization.
This document offers guidance on how to review and assess information security controls being
managed through an Information Security Management System specified by ISO/IEC 27001.
It is applicable to all types and sizes of organizations, including public and private companies,
government entities, and not-for-profit organizations conducting information security reviews and
technical compliance checks.
标准预览图
立即下载标准文件