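ISO/IEC TS 27022:2021 Information technology - Guidance on information security management system processes

Standard number: ISO/IEC TS 27022:2021

Chinese title: 信息技术 信息安全管理系统过程指南

English title: Information technology — Guidance on information security management system processes

Publication date: 2021-03

Scope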

This document defines a process reference model (PRM) for the domain of information security management, which meets the criteria defined in ISO/IEC 33004 for process reference models (see Annex A). It is intended to guide users of ISO/IEC 27001 to:
- incorporate the process approach as described by ISO/IEC 27000:2018, 4.3, within the ISMS;
- be aligned to all the work done within other standards of the ISO/IEC 27000 family from the perspective of the operation of ISMS processes;
- support users in the operation of an ISMS; this document complements the requirements-oriented perspective of ISO/IEC 27003 with an operational, process-oriented point of view.
