Iso 27005 2011 Ru V1
ME^YHAPO^HMH
CTAH^APT
MH$opMa^uoHHafl TexHonorua - MeTogbi u cpegcTBa o6ecneneHUA 6e3onacHOCTu - MeHefl^MeHT pucxa uH$opMa^uoHHOM
6e3onacHOCTu
Technologies de I'information — Techniques de securite — Gestion du risque en securite de I'information
/5<52SK ■ r— y-~\ iso I EC •
^aHHbiH goKyMeHT - nepBaa pega^ua TexHuaecKoro nepeBoga 6puTaHcKoro craHgapTa, CTaBmero Me^gyHapogHbiM - BS ISO/IEC 27005:2011. Abtop nepeBoga - 3aMecruTeab gupeKTopa genapTaMeHTa uH^pacrpyKTypHbix pemeHua no uH$opMa^uoHHOH 6e3onacHOCTH AO «CHTPOHHKC HHOOPMAqHOHHBIE TEXHOHOrHH YKPAHHA» roH^a B.A. Bee npaBa oxpaHaroTca coraacHo geacTByro^eMy 3aKoHogaTeabcTBy. 3AnPF.IHF.HO HTOEOE KOnHPOBAHHE EE3 PA3PEmEHRS BSI, KPOME PA3PEmfiHHOrO B COOTBETCTBHH C 3AKOHOM OE ABTOPCKOM nPABE. flaHHHH cTaHgapT: npegocraBaaeT pyKoBogcTBo no MeHeg^Memy pucKa uH$opMa^uoHHOH 6e3onacHocru b op^aHU3a^uu, noggep^uBaa, b aacTHocru Tpe6oBaHua k CMHE b cooTBeTCTBuu c ISO/IEC 27001;
He npegocraBaaeT KaKoa-au6o KoHKpeTHoa MeTogoaoruu no MeHeg^Memy pucKa uH^opMa^uoHHOH 6e3onacHocTu;
Bbi6op nogxoga k MeHeg^Memy pucKa ocy^ecraaaeTca op^aHU3a^ueH, npuMeHaro^ux ^TOT cTaHgapT u 3aBucuT, HanpuMep, ot o6aacru npuMeHeHua CMHE, KoHTeKcra MeHeg^MeHTa pucKa uau c^epw geaTeabHocru. npegHa3HaaeH gaa pyKoBogmeaea u nepcoHaaa, 3aHuMaro^eroca b op^aHU3a^uu BonpocaMu MeHeg^Meara pucKa uH$opMa^uoHHoa 6e3onacHocTu, a TaK*e, npu Heo6xoguMocTu, gaa BHemHux cTopoH, uMero^ux oTHomeHue k ^TOMy Bugy geaTeabHocTu.
O6^ue npuMeaaHua nepeBogauKa no nepeBogy b gaHHoa pega^uu:
HanoMuHaro, hto b cBa3u c npuHaTueM ISO/IEC 27005, ISO/IEC 13335-3:1999 u ISO/IEC 13335-4:2001 craHoBaTca HegeacTBuTeabHbiMu, T.e. Heo6xoguMo o6pa^aTb BHuMaHue 3aKa3auKa, hto ACTY ISO/IEC 13335-3:2003 u £CTY ISO/IEC 133354:2005 y*e noTepaau aKTyaabHocTb (Ha YKpauHe Ha gaHHbia MoMeHT ISO/IEC 27005 He npuHaT, ^o^TOMy BbimeyKa3aHHbie ^CTY aBaaroTca geacrayro^uMu cTaHgapTaMu!); gaa npaBuabHoro noHuMaHua KoHTeKcTa Bbipa^eHua b cTaHgapTe nepeBogauKoM BKaroaeHH KoMMeHTapuu;
gaHHbie
CTAH^APT
MH$opMa^uoHHafl TexHonorua - MeTogbi u cpegcTBa o6ecneneHUA 6e3onacHOCTu - MeHefl^MeHT pucxa uH$opMa^uoHHOM
6e3onacHOCTu
Technologies de I'information — Techniques de securite — Gestion du risque en securite de I'information
/5<52SK ■ r— y-~\ iso I EC •
^aHHbiH goKyMeHT - nepBaa pega^ua TexHuaecKoro nepeBoga 6puTaHcKoro craHgapTa, CTaBmero Me^gyHapogHbiM - BS ISO/IEC 27005:2011. Abtop nepeBoga - 3aMecruTeab gupeKTopa genapTaMeHTa uH^pacrpyKTypHbix pemeHua no uH$opMa^uoHHOH 6e3onacHOCTH AO «CHTPOHHKC HHOOPMAqHOHHBIE TEXHOHOrHH YKPAHHA» roH^a B.A. Bee npaBa oxpaHaroTca coraacHo geacTByro^eMy 3aKoHogaTeabcTBy. 3AnPF.IHF.HO HTOEOE KOnHPOBAHHE EE3 PA3PEmEHRS BSI, KPOME PA3PEmfiHHOrO B COOTBETCTBHH C 3AKOHOM OE ABTOPCKOM nPABE. flaHHHH cTaHgapT: npegocraBaaeT pyKoBogcTBo no MeHeg^Memy pucKa uH$opMa^uoHHOH 6e3onacHocru b op^aHU3a^uu, noggep^uBaa, b aacTHocru Tpe6oBaHua k CMHE b cooTBeTCTBuu c ISO/IEC 27001;
He npegocraBaaeT KaKoa-au6o KoHKpeTHoa MeTogoaoruu no MeHeg^Memy pucKa uH^opMa^uoHHOH 6e3onacHocTu;
Bbi6op nogxoga k MeHeg^Memy pucKa ocy^ecraaaeTca op^aHU3a^ueH, npuMeHaro^ux ^TOT cTaHgapT u 3aBucuT, HanpuMep, ot o6aacru npuMeHeHua CMHE, KoHTeKcra MeHeg^MeHTa pucKa uau c^epw geaTeabHocru. npegHa3HaaeH gaa pyKoBogmeaea u nepcoHaaa, 3aHuMaro^eroca b op^aHU3a^uu BonpocaMu MeHeg^Meara pucKa uH$opMa^uoHHoa 6e3onacHocTu, a TaK*e, npu Heo6xoguMocTu, gaa BHemHux cTopoH, uMero^ux oTHomeHue k ^TOMy Bugy geaTeabHocTu.
O6^ue npuMeaaHua nepeBogauKa no nepeBogy b gaHHoa pega^uu:
HanoMuHaro, hto b cBa3u c npuHaTueM ISO/IEC 27005, ISO/IEC 13335-3:1999 u ISO/IEC 13335-4:2001 craHoBaTca HegeacTBuTeabHbiMu, T.e. Heo6xoguMo o6pa^aTb BHuMaHue 3aKa3auKa, hto ACTY ISO/IEC 13335-3:2003 u £CTY ISO/IEC 133354:2005 y*e noTepaau aKTyaabHocTb (Ha YKpauHe Ha gaHHbia MoMeHT ISO/IEC 27005 He npuHaT, ^o^TOMy BbimeyKa3aHHbie ^CTY aBaaroTca geacrayro^uMu cTaHgapTaMu!); gaa npaBuabHoro noHuMaHua KoHTeKcTa Bbipa^eHua b cTaHgapTe nepeBogauKoM BKaroaeHH KoMMeHTapuu;
gaHHbie