GOST R ISO IEC 27011-2012 Information technology Security techniques Information security management guidelines for telecommunications organizations based on ISO IEC 27002《信息技术 安全技.pdf

1、 /270112012 / 27002ISO/IEC 27011:2008Information technology Security techniques Information security management guidelines for telecommunicationsorganizations based on ISO/IEC 27002(IDT) 1 - ( ) - ( ) - , 42 22 3 24 2012 . 424-4 / 27011:2008 - . . / 27002(ISO/IEC 27011:2008 Information technology Se

2、curity techniques Information security managementguidelines for telecommunications organizations based on ISO/IEC 27002). - 1.52004 ( 3.5) - , - 5 1.02012 ( 8). ( 1 ) , -. () . , - - (gost.ru) , 2014 , - - II / 2701120121 12 13 , 13.1 .13.2 24 34.1 .34.2 . . 35 66 66.1 , .66.2 .87 .117.1 .117.2 128

3、, .138.1 138.2 .168.3 .169 .169.1 .169.2 1810 2010.1 2010.2 .2210.3 .2210.4 2210.5 2310.6 2310.7 2410.8 2410.9 .2410.10 2411 2511.1 2511.2 .2611.3 2611.4 2611.5 .2611.6 .2611.7 .26III / 27011201212 , 2712.1 2712.2 2712.3 .2712.4 .2712.5 .2812.6 2813 2813.1 .2813.2 . 3014 .3214.1 . 3215 .34 A () 35 B

4、 () 42 () .44 45IV / 270112012 - / 27002 ( ). , , / 27002, - :1) . , -, . , , , , . , - . , - , , . - ;2) . - , , , , - ;3) . , , - , , . - , - . , , , - . , , - . - , , . , , -. - , - . , , , . , , , .V / 270112012 , , , , -, / 27002, , , .VI / 270112012 / 27002Information technology. Security tech

5、niques. Information security management guidelines for telecommunicationsorganizations based on ISO/IEC 27002 201401011 , . -, , .2 , -. , -. . ( ) -./ 27001:2005 . -. . (ISO/IEC 27001:2005,Information technology Security techniques Information security management systems Requirements)/ 27002:2005 .

6、 -. (ISO/IEC 27002:2005,Information technology Security techniques Code of practice for information security management)3 , 3.1 , - / 27002. , :3.1.1 (collocation): - .3.1.2 (communication centre): , - .1 / 270112012 3.1.3 (essential communications): , , , , - .3.1.4 (non-disclosure of communication

7、s): - , , -, , , , , .3.1.5 (personal information): , . , , .3.1.6 (priority call): , , , . ( IP-, , IP- . .) - .3.1.7 (telecommunications applications): - , , .3.1.8 (telecommunications business): - .3.1.9 (telecommunications equipment room): , .3.1.10 (telecommunications facilities): , -, , - .3.1.11 (telecommunications organizations): - , - .3.1.12 (telecommunications records): , - , , .3.1.13 (telecommunications services): .3.1.14 (telecommunications service customer): ,