标准科学Issue(10):53-57,5.DOI:10.3969/j.issn.1674-5698.2014.10.013
论IT服务管理体系和信息安全管理体系的融合
Integration of IT Service Management System and Information Safety Management System
摘要
Abstract
The businesses of organizations are closely connected with IT as the development of society. It is suggested that the ISO standards systems, such as ISO 27001 and ISO 20000, can be applied in the management of organization. However, if several systems are implemented in an organization at the same time, it is easy to cause conflicts and disagreement.The paper divides the contents of different systems into two parts:common part and private part. The common part can be integrated in different forms. In term of the private part, at first, all service progresses should be recognized, then the information safety risk evaluation be conducted and safety control measures be selected, constructing the ISO service system and information safety management system.关键词
ISO 27001/ISO 20000/融合/体系Key words
ISO 27001/ISO 20000/integration/system引用本文复制引用
肖锟..论IT服务管理体系和信息安全管理体系的融合[J].标准科学,2014,(10):53-57,5.
