Information technology - Security techniques -Information security management systems- Requirements-Scope
信息安全管理體系要求-范圍
 
Scope
范圍
This document specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization.
本標準從組織環境的角度，為建立、實施、運行、保持和持續改進信息安全管理體系規定了要求。
This document also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization. The requirements set out in this International Standard are generic and are intended to be applicable to all organizations, regardless of type, size or nature. Excluding any of the requirements specified in Clauses 4 to 10 is not acceptable when an organization claims conformity to this International Standard.
本標準還規定了為適應組織需要而定制的信息安全風險評估和處置的要求。本標準規定的要求是通用的，適用于各種類型、規模和特性的組織。組織聲稱符合本標準時，對于第4 章 到第10 章的要求不能刪減。

溫馨提示：獲取完整版ISO27001最新2022版中英文對照資料，可咨詢中培課程顧問或撥打客服電話了解18513851518