ГОСТ Р ИСО/МЭК 27002-2021 Информационные технологии (ИТ). Методы и средства обеспечения безопасности. Свод норм и правил применения мер обеспечения информационной безопасности
Библиография
[1] | ISO/IEC Directives, Part 2 |
[2] | ISO/IEC 11770-1, Information technology Security techniques - Key management - Part 1: Framework |
[3] | ISO/IEC 11770-2, Information technology - Security techniques - Key management - Part 2: Mechanisms using symmetric techniques |
[4] | ISO/IEC 11770-3, Information technology - Security techniques - Key management - Part 3: Mechanisms using asymmetric techniques |
[5] | ISO 15489-1, Information and documentation - Records management - Part 1: General |
[6] | ISO/IEC 20000-1, Information technology - Service management - Part 1: Service management system requirements |
[7] | ISO/IEC 20000-2, Information technology - Service management - Part 2: Guidance on the application of service management systems |
[8] | ISO 22301, Societal security - Business continuity management systems - Requirements |
[9] | ISO 22313, Societal security - Business continuity management systems - Guidance |
[10] | ISO/IEC 27001, Information technology - Security techniques - Information security management systems - Requirements |
[11] | ISO/IEC 27005, Information technology - Security techniques - Information security risk management |
[12] | ISO/IEC 27007, Information technology - Security techniques - Guidelines for information security management systems auditing |
[13] | ISO/IEC TR 27008, Information technology - Security techniques - Guidelines for auditors on information security controls |
[14] | ISO/IEC 27031, Information technology - Security techniques - Guidelines for information and communication technology readiness for business continuity |
[15] | ISO/IEC 27033-1, Information technology - Security techniques - Network security - Part 1: Overview and concepts |
[16] | ISO/IEC 27033-2, Information technology - Security techniques - Network security - Part 2: Guidelines for the design and implementation of network security |
[17] | ISO/IEC 27033-3, Information technology - Security techniques - Network security - Part 3: Reference networking scenarios - Threats, design techniques and control issues |
[18] | ISO/IEC 27033-4, Information technology - Security techniques - Network security - Part 4: Securing communications between networks using security gateways |
[19] | ISO/IEC 27033-5, Information technology - Security techniques - Network security - Part 5: Securing communications across networks using Virtual Private Network (VPNs) |
[20] | ISO/IEC 27035, Information technology - Security techniques - Information security incident management |
[21] | ISO/IEC 27036-1, Information technology - Security techniques - Information security for supplier relationships - Part 1: Overview and concepts |
[22] | ISO/IEC 27036-2, Information technology - Security techniques - Information security for supplier relationships - Part 2: Common requirements |
[23] | ISO/IEC 27036-3, Information technology - Security techniques - Information security for supplier relationships - Part 3: Guidelines for ICT supply chain security |
[24] | ISO/IEC 27037, Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence |
[25] | ISO/IEC 29100, Information technology - Security techniques - Privacy framework |
[26] | ISO/IEC 29101, Information technology - Security techniques - Privacy architecture framework |
[27] | ISO 31000, Risk management - Principles and guidelines |
УДК 006.34:004.056:004.056.5:004.056.53:006.354 | ОКС 35.030 |
Ключевые слова: информационная безопасность (ИБ), система менеджмента информационной безопасности (СМИБ), менеджмент риска, меры обеспечения ИБ | |
Электронный текст документа
подготовлен АО "Кодекс" и сверен по:
официальное издание
М.: Стандартинформ, 2021