ICS35.40L80中华人民共和国国家标准GB/TXXXXX—20XX信息安全服务能力评估准则Assessmentcriteriaforinformationsecurityservicecapability点击此处添加与国际标准一致性程度的标识(征求意见稿)(本稿完成日期:)20XX-XX-XX发布20XX-XX-XX实施GB/TXXXXX—20XXIGB/TXXXXX—20XX目次前言..................................................................................IV引言...................................................................................I1范围................................................................................12规范性引用文件......................................................................13术语、定义和缩略语..................................................................14概述................................................................................44.1信息安全服务过程模型............................................................44.1.1组织战略....................................................................54.1.2规划设计....................................................................54.1.3实施交付....................................................................54.1.4监视支持....................................................................54.1.5检查改进....................................................................64.2能力评定原则....................................................................64.2.1综合考虑原则................................................................64.2.2可裁剪原则..................................................................64.2.3符合性原则..................................................................64.2.4可操作性原则................................................................65信息安全服务过程....................................................................65.1D01组织战略....................................................................65.1.1D01PA01制定信息安全章程....................................................65.1.2D01PA02建立信息安全组织..................................
