标准摘要
[中文适用范围]: ISO/IEC 13335 包含有关 ICT 安全管理的指南。 ISO/IEC 13335 第 1 部分介绍了基本了解 ICT 安全的概念和模型,并解决了对于成功规划、实施和运营 ICT 安全至关重要的一般管理问题。 本国际标准的目的并不是建议一种特定的 ICT 安全管理方法。 相反,ISO/IEC 13335-1 包含对 ICT 安全管理的有用概念和模型的一般讨论。 本材料具有通用性,适用于许多不同风格的管理和组织环境。 它的组织方式允许对材料进行定制,以满足组织及其特定管理风格的需求。 [外文原描述]: ISO/IEC 13335-1:2004 presents the concepts and models fundamental to a basic understanding of ICT security, and addresses the general management issues that are essential to the successful planning, implementation and operation of ICT security. Part 2 of ISO/IEC 13335 (currently 2nd WD) provides operational guidance on ICT security. Together these parts can be used to help identify and manage all aspects of ICT security.
英文名称Information technology - Security techniques - Management of information and communications technology security - Part 1: Concepts and models for information and communications technology security management