Source:YueFei Business consulting Date:2022/1/6 11:28:03 | Share Collection
To test and evaluate the security level protection status of information system,
It should include two aspects:
One is security control evaluation, mainly evaluates the information security level protection requirements of the basic security control in the information system implementation configuration;
The second is the overall evaluation of the system, which mainly evaluates and analyzes the overall security of the information system. Among them, security control assessment is the basis of the overall security assessment of information system.
The description of safety control evaluation shall be organized by evaluation unit. The evaluation unit is divided into two categories: safety technology evaluation and safety management evaluation.
Security technology assessment: including physical security, network security, host system security, application security and data security and other five levels of security control assessment.
Safety management evaluation: including safety management organization, safety management system, personnel safety management, system construction management and system operation and maintenance management and other five aspects of safety control evaluation.
Editor in charge:Shanghai Yue Fei Enterprise Management Consulting Co., Ltd.
Copyright:http://www.yf-iso.com/ Please indicate the source of the reprint
Share 
Collection 
