GOST R ISO/IEC 27000-2021. National Standard of the Russian Federation. Information technology. Security techniques. Information security management systems. Overview and vocabulary
BIBLIOGRAPHY
[1] ISO 9000:2015, Quality management systems - Fundamentals and vocabulary
[2] ISO/IEC/IEEE 15939:2017, Systems and software engineering - Measurement process
[3] ISO/IEC 17021, Conformity assessment - Requirements for bodies providing audit and certification of management systems
[4] ISO 19011:2011, Guidelines for auditing management systems
[5] ISO/IEC 20000-1:2011, Information technology - Service management - Part 1: Service management system requirements
[6] ISO/IEC 27001, Information technology - Security techniques - Information security management systems - Requirements
[7] ISO/IEC 27002, Information technology - Security techniques - Code of practice for information security controls
[8] ISO/IEC 27003, Information technology - Security techniques - Information security management systems - Guidance
[9] ISO/IEC 27004, Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation
[10] ISO/IEC 27005, Information technology - Security techniques - Information security risk management
[11] ISO/IEC 27006, Information technology - Security techniques - Requirements for bodies providing audit and certification of information security management systems
[12] ISO/IEC 27007, Information technology - Security techniques - Guidelines for information security management systems auditing
[13] ISO/IEC TR 27008, Information technology - Security techniques - Guidelines for auditors on information security controls
[14] ISO/IEC 27009, Information technology - Security techniques - Sector-specific application of ISO/IEC 27001 - Requirements
[15] ISO/IEC 27010, Information technology - Security techniques - Information security management for inter-sector and inter-organizational communications
[16] ISO/IEC 27011, Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for telecommunications organizations
[17] ISO/IEC 27013, Information technology - Security techniques - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1
[18] ISO/IEC 27014, Information technology - Security techniques - Governance of information security
[19] ISO/IEC TR 27016, Information technology - Security techniques - Information security management - Organizational economics
[20] ISO/IEC 27017, Information technology - Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for cloud services
[21] ISO/IEC 27018, Information technology - Security techniques - Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
[22] ISO/IEC 27019, Information technology - Security techniques - Information security controls for the energy utility industry
[23] ISO/IEC 27021, Information technology - Security techniques - Competence requirements for information security management systems professionals
[24] ISO 27799, Health informatics - Information security management in health using ISO/IEC 27002
[25] ISO Guide 73:2009, Risk management - Vocabulary
UDC 006.34:004.056:004.056.5:004.056.53:006.354; OKS 35.030
Keywords: information security (IS), information security management system (ISMS), risk management, information security controls