信息安全目标测量规范翻译-中英对照
Specifications of Surveys of Information Safety Objective
Edition record
版本Edition 变更理由
Alteration reason 编写
Audit 发布日期
Date issued 生效日期Effective date
1.0 版本建立
批准人(签名):
Approved by (Sign):
日期: Date:
信息安全目标测量规范Specifications of Surveys of Information Safety Objective
1. 目的Purpose
为验证信息安全管理体系(ISMS)的有效实施,根据本公司信息安全方针制定信息安全目标,并规定信息安全目标的计算方法,以便于目标达成情况的考核。In order to verify the effective implementation of the Information Security Management System (ISMS), formulate the information safety objectives according to the policy of information safety of our company, stipulate the accessing method of information safety objectives, so as to examine the realization the objectives.
2. 适用范围Scope of application
本方针的适用于信息安全管理体系的目标测量活动。The policy is suitable for the measuring activities of Information Security Management System.
2.1. 职责Duty
IT部:IT department:
根据公司安全管理的实际情况,制定信息安全管理体系目标;According to the actual conditions of company's safety management, formulate the objectives of the Information Security Management System;
每季度的第一周统计上一季度的目标达成情况;To gather statistics of the previous quarter in the first week of each quarter;
每年度管理评审前统计年度目标达成情况,并根据实际需要调整信息安全目标。To gather statistics of the realization of the annual objective before the annual management evaluation, and adjusted the objective of information safety according to the actual conditions.
总经理:General Manager
总经理负责审核、批准、发布信息安全目标,并推动目标的达成。The general manager is responsible for verification, approval and issuing of objectives of information safety, and promotes the realization of the objectives.
3. 术语和定义Terms and definitions
4. 相关/支持性文件Relevant / supporting document
• 《信息安全管理体系手册》“Information Security Management System manual”
• 《记录控制程序》“Record of control procedure”
5. 记录管理Record management
记录Record 保存期限Storage period 位置Position 责任人Person liable
xx年度第x季度目标测量报告Measuring report of the quarters of in year 3年 3 years
xx年度目标测量报告Measuring report of year 3年3 years
6. 规范内容Specification content
6.1. 保密管理目标Confidential management objectives
总目标:泄密次数0次/季度General objective: Reveal 0 times of / quarter
分解目标:Details:
违规打开机箱次数:0次/季度The times of the opening computer housing in violation of rules and regulations: 0 times / quarter
违规带入移动介质(含带存储功能的手机)进入办公场所次数:1次/季度Bring into the moving medium in violation of rules and regulations ( Include the cell-phone with functions of the memory); times of entering into the office premises: Once / quarter
违规带入摄像设备(含带照相功能的手机)进入安全区域次数:1次/季度Bring into the video recording in violation of rules and regulations ( Include the cell-phone with functions of taking picture); times of entering into the security premises: Once / quarter
违规使用账号和口令次数:Times of use the account number and password in violation of rules and regulations:
测量方法:Measuring method:
每周抽查随机,抽查比例不低于5% Check at random every week, the checking part shall not be lower than 5%
6.2. 其他管理目标Other management objectives
违规进入安全区与次数:1次/季度Times of entering into the safety zone and number of in violation of rules and regulations: Once / quarter
网络服务可用性:95% (不含计划停机时间) Network service usability: 95% (not include the time of shutting down of plan )
2012.12.23