ISO 27036-3 Guidelines for supply chain security
2014/01/01 20:29:47

ISO/IEC 27036-3 Information technology — Security techniques — Information security for supplier relationships — Part 3: Guidelines for information and communication technology supply chain security



Foreword

Introduction

1 Scope

2 Normative references

3 Terms and definitions

4 Structure of this standard

5 Key concepts

5.1 Business case for ICT supply chain security

5.2 ICT supply chain risks and associated threats

5.3 Acquirer and supplier relationship types

5.4 Organizational capability

5.5 System lifecycle processes

5.6 ISMS processes in relation to system lifecycle processes

5.7 ISMS information security controls in relation to ICT supply chain security

5.8 Essential ICT supply chain security practices

6 ICT supply chain security in Lifecycle Processes

6.1 Agreement Processes

6.2 Organizational Project-Enabling Processes

6.3 Project Processes

6.4 Technical Processes

Annex A (informative) Summary of Supply and Acquisition Processes from ISO/IEC 15288 and ISO/IEC 12207

Annex B (informative) Clause 6 mapping to ISO/IEC 27002

Bibliography