GB_20269-2015-信息系统安全管理要求.pdfVIP

ICS 35.040 L 80 召日 中 华 人 民 共 和 国 国 家 标 准 GB/T20269一2006 信息安全技术 信息系统安全管理要求 Inofrmationsecuritytechnology一 Informationsystem sccuritymanagementrequirements 2006一05一31发布 2006一12一01实施 中华人民共和国国家质量监督检验检疫总局 发 布 中 国 国家 标 准 化 管 理 委 员 会 GB/T2D269一2006 目 次 前言 ···············································，··································································…… V 引言 ······，，············································································，····························…… Vl 1 范围 ，，，··。‘·。‘。·，··，···，，，· ······················，，，，·····4······，，，，，，，，，。。。‘··········，， ··。。。·，·… 1 2 规范性引用文件 ······，，·································，···，，，···········································，···…… 1 3 术语和定义 ···············，······················，··························，····································…… 1 4信息系统安全管理的一般要求 ·········，·················，·4····························…·… “”“““’“’2‘ 4.1信息系统安全管理的内容 ·············································，·，·，，····························…·…2 4.2 信息系统安全管理的原则 ·、····························································，····，，…“.‘“…“’‘“2 5信息系统安全管理要素及其强度 ·························，································…·…’“”‘””””’3‘ 5.1 策略和制度 ··········································································，····················，··，… 3 5.1.1 信息安全管理策略 ·································，····················4·······························…… 3 5.1.2 安全管理规章制度 ···················，·······4····，，··，······。·············，············，，，·············…… 5 5.1.3 策略与制度文档管理 ···············，··················，，··················，··