
4.ISO 27002 Vietnamese

Jul 20, 2015


ISO 27002
Instructor: CH. Nguyễn Duy
Email: [email protected]


Contents
- What is information security?
- What are the objectives of information security?
- What is the scope of information security?
- Analysis of ISO 27002-2005

Nguyễn Duy

Developing an information security policy

What is information security?
- What is information?
- Assets: hardware, software, data, ...

Information security is the protection of assets against threats of information theft from outside, without affecting the company's business performance.

What are the objectives of information security?
Ensure the basic properties related to information security:
- Confidentiality
- Integrity
- Availability


What is the scope of information security?


Analysis of ISO 27002-2005
Benefits:
- ISO 27002 gives us an overview of information security issues.
- ISO 27002 is an international standard that provides guidance on implementing information security management and covers every component of an enterprise's information system.


Analysis of ISO 27002-2005
Contents:
- Information security policy
- Organization of information security
- Asset classification and control
- Personnel security
- Physical and environmental security
- Communications and operations management
- Access control
- System development and maintenance
- Business continuity management
- Compliance


Analysis of ISO 27002-2005
1. Information security policy
Objective: To provide management direction and support for information security in line with business requirements, the legal environment and the regulations that must be complied with.
- Information security policy document
- Review of the policies that have been issued


Analysis of ISO 27002-2005
2. Organization of information security
Internal:
Objective: To manage information security within the organization.
- Management commitment to information security
- Information security coordination
- Allocation of information security responsibilities
- Authorization process for information processing facilities
- Confidentiality agreements
- Contact with competent authorities and organizations


Analysis of ISO 27002-2005
2. Organization of information security
External parties:
Objective: To maintain the security of the organization's information and information processing facilities that are accessed, processed, communicated or managed by parties outside the organization.
- Identifying risks related to external parties
- Addressing security when dealing with customers
- Addressing security in third-party agreements

Analysis of ISO 27002-2005
3. Asset classification and control
Responsibility for assets
Objective: To achieve and maintain appropriate protection of the organization's assets.
- Inventory of assets
- Ownership of assets
- Acceptable use of assets


Analysis of ISO 27002-2005
3. Asset classification and control
Information classification
Objective: To ensure that information receives an appropriate level of protection.
- Classification guidelines
- Information labelling and handling


Analysis of ISO 27002-2005
4. Personnel security
Prior to employment
Objective: To ensure that employees, contractors and third parties understand their responsibilities and are suitable for the roles assigned to them, and to reduce the risk of theft, fraud or misuse of functions and authority.
- Roles and responsibilities
- Screening
- Terms and conditions of employment

Analysis of ISO 27002-2005
4. Personnel security
During employment
Objective: To ensure that all of the organization's employees, contractors and third parties are aware of information security threats and concerns and of their responsibilities and legal obligations, that they are equipped with the knowledge and conditions needed to support the organization's information security policy in the course of their work, and that risks caused by people are reduced.
- Management responsibilities
- Information security awareness, education and training
- Disciplinary process

Analysis of ISO 27002-2005
4. Personnel security
Termination or change of employment:
Objective: To ensure that the organization's employees, contractors and third parties leave or change positions in an orderly manner.
- Termination responsibilities
- Return of assets
- Removal of access rights


Analysis of ISO 27002-2005
5. Physical and environmental security
Secure areas
Objective: To prevent unauthorized physical access, damage and interference to the organization's information and assets.
- Physical security perimeter
- Physical entry controls
- Securing offices, rooms and facilities
- Protecting against external and environmental threats
- Working in secure areas
- Public access, delivery and loading areas

Analysis of ISO 27002-2005
5. Physical and environmental security
Equipment security
Objective: To prevent loss, damage, theft or misuse of assets and interruption to the organization's activities.
- Equipment siting and protection
- Supporting utilities
- Cabling security
- Equipment maintenance
- Security of equipment operating off-premises
- Secure disposal or re-use of equipment
- Removal of property

Analysis of ISO 27002-2005
6. Communications and operations management
Operational procedures and responsibilities
Objective: To ensure the correct and secure operation of information processing facilities.
- Documented operating procedures
- Change management
- Segregation of duties
- Separation of development, test and operational functions


Analysis of ISO 27002-2005
6. Communications and operations management
Third-party service delivery management
Objective: To implement and maintain a level of information security and service delivery that is in line with third-party service delivery agreements.
- Service delivery
- Monitoring and review of third-party services
- Managing changes to third-party services

Analysis of ISO 27002-2005
6. Communications and operations management
Protection against malicious code and mobile code
Objective: To protect the integrity of software and information.
- Controls against malicious code
- Controls against mobile code


Analysis of ISO 27002-2005
6. Communications and operations management
Backup
Objective: To maintain the integrity and availability of information and of information processing facilities.


Analysis of ISO 27002-2005
6. Communications and operations management
Network security management
Objective: To ensure the security of information in networks and of the supporting infrastructure.
- Network controls
- Security of network services


Analysis of ISO 27002-2005
6. Communications and operations management
Media handling
Objective: To prevent unauthorized disclosure, modification, removal or destruction of assets and interruption to business activities.
- Management of removable media
- Disposal of media
- Information handling procedures
- Security of system documentation

Analysis of ISO 27002-2005
6. Communications and operations management
Exchange of information
Objective: To maintain the security of information and software exchanged within the organization or with external entities.
- Information exchange policies and procedures
- Exchange agreements
- Physical media in transit
- Electronic messaging
- Business information systems

Analysis of ISO 27002-2005
6. Communications and operations management
Electronic commerce services
Objective: To ensure the security of electronic commerce services and their secure use.
- Electronic commerce
- Online transactions
- Publicly available information


Analysis of ISO 27002-2005
7. Access control
Business requirement for access control
Objective: To control access to information.
- Access control policy
Control: An access control policy should be established, documented and reviewed based on the business and security requirements for access.


Analysis of ISO 27002-2005
7. Access control
User access management
Objective: To ensure that authorized users have access and to prevent unauthorized users from gaining access to information systems.
- User registration
- Privilege management
- User password management
- Control of user access rights

Analysis of ISO 27002-2005
7. Access control
User responsibilities
Objective: To prevent unauthorized users from accessing, compromising or stealing information and information processing facilities.
- Password use
- Unattended equipment
- Clear desk and clear screen policy


Analysis of ISO 27002-2005
7. Access control
Network access control
Objective: To prevent unauthorized access to network services.
- Policy on the use of network services
- User authentication for external connections
- Equipment identification in networks
- Protection of remote diagnostic and configuration ports
- Segregation in networks
- Network connection control
- Network routing control


Analysis of ISO 27002-2005
7. Access control
Operating system access control
Objective: To prevent unauthorized access to operating systems.
- Secure log-on procedures
- User identification and authentication
- Password management system
- Use of system utilities
- Session time-out
- Limitation of connection time

Analysis of ISO 27002-2005
7. Access control
Application and information access control
Objective: To prevent unauthorized access to information held in application systems.
- Information access restriction
- Sensitive system isolation


Analysis of ISO 27002-2005
7. Access control
Mobile computing and teleworking
Objective: To ensure information security when using mobile computing and teleworking facilities.
- Mobile computing and communications
- Teleworking


Analysis of ISO 27002-2005
8. System development and maintenance
Security requirements of information systems
Objective: To ensure that information security is an integral part of information systems.
- Security requirements analysis and specification


Analysis of ISO 27002-2005
8. System development and maintenance
Correct processing in applications
Objective: To prevent errors, loss, and unauthorized modification or use of information in applications.
- Input data validation
- Control of internal processing
- Message integrity
- Output data validation

Analysis of ISO 27002-2005
8. System development and maintenance
Cryptographic controls
Purpose: To protect the confidentiality, authenticity or integrity of information by cryptographic means.
- Policy on the use of cryptographic controls
- Key management


Analysis of ISO 27002-2005
8. System development and maintenance
Security of system files
Objective: To ensure the security of system files.
- Control of operational software
- Protection of system test data
- Access control to program source code


Analysis of ISO 27002-2005
8. System development and maintenance
Security in development and support processes
Objective: To maintain the security of information and of application system software.
- Change control procedures
- Technical review of applications after operating system changes
- Restrictions on changes to software packages
- Information leakage
- Outsourced software development

Analysis of ISO 27002-2005
8. System development and maintenance
Technical vulnerability management
Objective: To reduce the risks arising from attackers exploiting published technical vulnerabilities.


Analysis of ISO 27002-2005
9. Business continuity management
Objective: To counteract interruptions to business activities, to protect critical business processes from the effects of information system failures or disasters, and to ensure the timely resumption of normal operations.
- Including information security in the business continuity management process
- Assessing risks to the continuity of the organization's activities
- Developing and implementing continuity plans that include information security
- Business continuity planning framework
- Testing, maintaining and re-assessing the plans that ensure the continuity of the organization's activities

Analysis of ISO 27002-2005
10. Compliance
Objective: To avoid breaches of laws, regulations, obligations under signed contracts, and information security requirements.
- Identification of applicable legislation
- Intellectual property rights (IPR)
- Protection of organizational records
- Data protection and privacy of personal information
- Prevention of misuse of information processing facilities
- Regulation of cryptographic controls


Questions?