INCITS/ISO/IEC 13335-1 : 2004
Withdrawn
A Withdrawn Standard is one, which is removed from sale, and its unique number can no longer be used. The Standard can be withdrawn and not replaced, or it can be withdrawn and replaced by a Standard with a different number.
INFORMATION TECHNOLOGY - SECURITY TECHNIQUES - MANAGEMENT OF INFORMATION AND COMMUNICATIONS TECHNOLOGY SECURITY - PART 1: CONCEPTS AND MODELS FOR INFORMATION AND COMMUNICATIONS TECHNOLOGY SECURITY MANAGEMENT
Hardcopy , PDF
07-23-2013
English
01-01-2004
FOREWORD
INTRODUCTION
1 SCOPE
2 DEFINITIONS
3 SECURITY CONCEPTS AND RELATIONSHIPS
3.1 SECURITY PRINCIPLES
3.2 ASSETS
3.3 THREATS
3.4 VULNERABILITIES
3.5 IMPACT
3.6 RISK
3.7 SAFEGUARDS
3.8 CONSTRAINTS
3.9 SECURITY ELEMENT RELATIONSHIPS
4 OBJECTIVES, STRATEGIES AND POLICIES
4.1 ICT SECURITY OBJECTIVES AND STRATEGY
4.2 POLICY HIERARCHY
4.3 CORPORATE ICT SECURITY POLICY ELEMENTS
5 ORGANIZATIONAL ASPECTS OF ICT SECURITY
5.1 ROLES AND RESPONSIBILITIES
5.1.1 Organizational roles, accountabilities and
responsibilities
5.1.2 ICT security forum
5.1.3 Corporate ICT security officer
5.1.4 ICT users
5.2 ORGANIZATIONAL PRINCIPLES
5.2.1 Commitment
5.2.2 Consistent approach
5.2.3 Integrating ICT security
6 ICT SECURITY MANAGEMENT FUNCTIONS
6.1 OVERVIEW
6.2 CULTURAL AND ENVIRONMENTAL CONDITIONS
6.3 RISK MANAGEMENT
Important note : All end users must be registered with an Account prior to user licenses being assigned.Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.