ISO/IEC 27010:2012 信息技术 安全技术 部门间和组织间通信的信息安全管理

标准编号：ISO/IEC 27010:2012

中文名称：信息技术 安全技术 部门间和组织间通信的信息安全管理

英文名称：Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications

发布日期：2012-04

标准范围

除了ISO/IEC 27000系列标准中给出的指南外，ISO/IEC 27010:2012还提供了在信息共享社区中实施信息安全管理的指南。ISO/IEC 27010:2012提供了与发起、实施、维护和改进组织间和部门间通信中的信息安全相关的控制和指导。ISO/IEC 27010:2012适用于同一行业或市场部门内或部门间的所有形式的敏感信息交换和共享，包括公共和私人、国内和国际敏感信息。特别是，它可能适用于与提供、维护和保护组织或民族国家关键基础设施有关的信息交换和共享。

ISO/IEC 27010:2012 provides guidelines in addition to guidance given in the ISO/IEC 27000 family of standards for implementing information security management within information sharing communities.ISO/IEC 27010:2012 provides controls and guidance specifically relating to initiating, implementing, maintaining, and improving information security in inter-organizational and inter-sector communications.ISO/IEC 27010:2012 is applicable to all forms of exchange and sharing of sensitive information, both public and private, nationally and internationally, within the same industry or market sector or between sectors. In particular, it may be applicable to information exchanges and sharing relating to the provision, maintenance and protection of an organization's or nation state's critical infrastructure.

标准预览图