INCITS/ISO/IEC TR 13335-2 : 1997
Withdrawn
INFORMATION TECHNOLOGY - GUIDELINES FOR THE MANAGEMENT OF IT SECURITY - PART 2: MANAGING AND PLANNING IT SECURITY
Hardcopy , PDF
English
01-01-1997
07-23-2013
1 Scope
2 Reference
3 Terms and definitions
4 Structure
5 Aim
6 Background
7 Management of IT Security
7.1 Planning and Management Process Overview
7.2 Risk Management Overview
7.3 Implementation Overview
7.4 Follow-up Overview
7.5 Integrating IT Security
8 Corporate IT Security Policy
8.1 Objectives
8.2 Management Commitment
8.3 Policy Relationships
8.4 Corporate IT Security Policy Elements
9 Organizational Aspects of IT Security
9.1 Roles and Responsibilities
9.2 Commitment
9.3 Consistent Approach
10 Corporate Risk Analysis Strategy Options
10.1 Baseline Approach
10.2 Informal Approach
10.3 Detailed Risk Analysis
10.4 Combined Approach
11 IT Security Recommendations
11.1 Safeguard Selection
11.2 Risk Acceptance
12 IT System Security Policy
13 IT Security Plan
14 Implementation of Safeguards
15 Security Awareness
16 Follow-up
16.1 Maintenance
16.2 Security Compliance
16.3 Monitoring
16.4 Incident Handling
17 Summary
Describe subjects essential to the management of IT security, and the relationship between those subjects. These guidelines are useful for the identification and the management of all aspects of IT security.
| DocumentType |
Standard
|
| Pages |
19
|
| PublisherName |
Information Technology Industry Council
|
| Status |
Withdrawn
|
| Standards | Relationship |
| ISO/IEC TR 13335-2:1997 | Identical |
| ISO/IEC TR 13335-1:1996 | Information technology — Guidelines for the management of IT Security — Part 1: Concepts and models for IT Security |
Please Login or Create an Account so you can add users to your Multi user PDF Later.
Important note : All end users must be registered with an Account prior to user licenses being assigned.
Users cannot be edited or removed once added to your Multi user PDF.