GB/T 20984-2022 Translated English of Chinese Standard (GB/T20984-2022, GBT 20984-2022): Information security technology -- Risk assessment method for information security [Buy--download True-PDF in 3-second: https://play.google.com/books > Sign in > This BOOK > "3-dots" > Export > Save as "*.pdf"]https://www.chinesestandard.net, 21/08/2022 - 49 من الصفحات This document describes the basic concepts of information security risk assessment, relationship between risk factors, principles of risk analysis, implementation process and assessment method of risk assessment, as well as the implementation points and work forms of risk assessment at different stages of information system lifecycle. This document applies to all types of organizations conducting information security risk assessments. |
من داخل الكتاب
النتائج 1-5 من 5
الصفحة 15
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
الصفحة 16
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
الصفحة 20
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
الصفحة 21
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
الصفحة 31
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
لقد وصلت إلى حد العرض المسموح لهذا الكتاب.
المحتوى
3 | |
Appendix B Informative Work forms of risk assessment | 33 |
Informative Asset identification | 40 |
Appendix F Informative Examples of risk calculation | 47 |
عبارات ومصطلحات مألوفة
According analyze application software assessment and management Asset identification asset value assets is required attribute is destroyed availability of assets behavioral capabilities business bearing Business identification business importance cloud computing Code auditing components and unit comprehensive evaluation level confidentiality of assets damage degree of difficulty degree of impact design plan development plan difficulty of vulnerability document environment equipment room existing security control exploited by threat frequency statistics GB/T impact degree impact on assets impact on business impact on system information security risk information system Information Technology Inspection assessment integrity of assets Level Identification Man-made and accident management tools organization penetration testing platform possibility of risk relevant risk analysis risk assessment process risk calculation risk evaluation criteria risk occurrence security attribute security incident security requirement self-assessment system asset risk system components system lifecycle Table threat behavior threat identification threat sources threat types unit assets vulnerability assessment vulnerability being exploited vulnerability identification