金证商业顾问 当前位置: 首页 >>商业研究>>ISMS、ITSM、CMMI |
风险评估方法与相关标准介绍 |
ISO/IEC13335-1:2004
Information technology — Security techniques — Management of information and communications technology security — NIST-SP800-30 Guide for Conducting Risk Assessments 风险评估指南 OCTAVE The Operationally Critical Threat, Asset, and Vulnerability Evaluation 运营的关键威胁、资产和脆弱性评估 C2risk Combination Control Risk Management 组合控制风险管理 ISO/IEC27005:2008 Information technology - Security techniques - Information security risk management 信息技术 安全技术 信息安全风险管理 GB/T 20984-2007 Information security technology - Risk assessment specification for information security 信息安全技术 信息安全风险评估规范
|
文章来源:http://www.jinzheng.org/isms/2012-11-27/13828.chtml |