GOST R ISO IEC 27013-2014 Information technology Security techniques Guidance on the integrated implementation of ISO IEC 27001 and ISO IEC 20000-1《信息技术 安全技术 ISO IEC 27001和ISO IEC .pdf

1、 / 27013 2014 / 27001 / 20000-1 ISO/IEC 27013:2012 Information technology Security techniques Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 (IDT) 2014 / 270132014 II 1 - ( ) - - ( ) , 4 2 22 3 - 16 2014 . 1084- 4 / 27013:2012 - . . - / 27001 / 20000-1 (ISO/IEC 27013:

2、2012 Information technology Security techniques Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1). - 1.5 ( 3.5). - , - 5 1.02012 ( 8). ( 1 ) , -. () - . , - (gost.ru) , 2014 -, - / 270132014 III 1 . 1 2 . 1 3 , . 2 4 / 27001 / 20000-1 2 4.1 2 4.2 / 27001 . 2 4.3 / 20000

3、1 2 4.4 3 5 . 4 5.1 . 4 5.2 . 4 5.3 . 5 6 , . 7 6.1 . 7 6.2 7 6.3 .12 A () / 27001:2005 / 20000-1:2011 16 B () / 27000:2009 / 20000-1:2011 .19 () .42 .43 / 270132014 IV / 27013 / 1, - , 27, , / 1, -, 7, . , : / 27001 / 20000-1 - . - , , - . , , , . , -. , - . : a) -; b) , ; c) , ; d) ; e) , -, ; f)

4、 , / 27001, - 6.6 / 20000-1:2011, - . , . . / 27001:2005 / 20000-1:2011. , (/ 27001 / 20000-1), , . , . - . . , - . , , . - . / 27013 2014 1 / 27001 / 20000-1 Information technology. Security techniques. Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 20150901 1 / 2700

5、1 / 20000-1 , : a) / 27001, / 20000-1 , ; b) : / 27001 / 20000-1; c) / 27001 / 20000-1. / 27001 / 20000-1. / 27001 / 20000-1 - , , , 9001 14001. 2 . - . - ( ). / 20000-1:2011 . . (ISO/IEC 20000-1:2011, Information technology Service management Service management system requirements) / 27000:20091) .

6、 -. . (ISO/IEC 27000:2009, Information technology Security techniques Information security management systems Overview and vocabulary) 1)/ 27000:2009 / 27000:2014. - , , . / 270132014 2 / 27001:20051) . -. . (ISO/IEC 27001:2005, In-formation technology Security techniques Information security manage

7、ment systems Requirements) 3 , / 27000:2009 / 20000-1:2011. : (information security management sys-tem ISMS) ( / 27001); (service management system SMS) ( / 20000-1). A / 27001:2005 / 20000-1:2011 . B : - / 27000:2009, / 27001:2005; - / 27001; - / 20000-1:2011. 4 / 27001 / 20000-1 4.1 , , / 27001 /

8、20000-1. , . 4.2 - 4.4 , -, . 4.2 / 27001 / 27001 , , , -, , , - . , . / 27001 , . -, , , - . . , . - . / 27001 . 4.3 / 20000-1 / 20000-1 , - . , , . , , , , / 20000-1. 1)/ 27001:2005 / 27001:2013. - , , . /2701320143 , - , , . , , , - , (). . , , -, . /20000-1./20000-1 .4.4 , - . , , , , . . , 1, , /27001:2005, /20000-1. / 27001- - / 20000-1- - - - - - - - - - - - - - - - ( , )/ 27001/ 20000-1 ( )- - PDCA- - - - 1 / 27001 / 20000-1, , , - . . A - . , .