(The clear PDF version has specially added document bookmarks, which is especially convenient for selecting the required chapters. This specification is formulated in accordance with the national information security level maintenance and management rules. This specification is one of a series of specifications related to the maintenance of information security levels. The series of specifications related to this specification include: - GB/T22240-2008 "Guidelines for the Maintenance and Grading of Information Security Technology Information System Security Levels"; - National Standard "Guidelines for the Implementation of Security Level Maintenance of Information Security Technology Information Systems". This specification and GB17859-1999, GB/T20269-2006, GB/T20270-2006, GB/T20271-2006 and other specifications together constitute the relevant supporting specifications for the maintenance of information system security levels. Among them, GB17859-1999 is the basic specification, and this specification, GB/T20269-2006, GB/T20270-2006, GB/T20271-2006, etc. are further refinements and extensions on the basis of GB17859-1999. On the basis of technical specifications such as GB17859-1999, GB/T20269-2006, GB/T20270-2006, GB/T20271-2006 and other technical specifications, this specification proposes and rules different safety maintenance level information according to the development level of existing technology. The minimum maintenance requirements of the system, namely the basic security requirements, the basic security requirements include basic technical requirements and basic management requirements, this specification is applicable to guide the security construction and monitoring management of information systems with different security maintenance levels. In the text of this specification, bold text indicates requests that are not rendered or enhanced at lower levels.
22239-2008 Basic Requirements for Maintenance of Information System Security Levels.pdf)
收藏
