• Shopping Cart
    There are no items in your cart

INCITS/ISO/IEC TR 13335-3 : 1998

Current

Current

The latest, up-to-date edition.

INFORMATION TECHNOLOGY - GUIDELINES FOR THE MANAGEMENT OF IT SECURITY - PART 3: TECHNIQUES FOR THE MANAGEMENT OF IT SECURITY

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

01-01-2007

1 Scope
2 References
3 Definitions
4 Structure
5 Aim
6 Techniques for the Management of IT Security
7 IT Security Objectives, Strategy and Policies
   7.1 IT Security Objectives and Strategy
   7.2 Corporate IT Security Policy
8 Corporate Risk Analysis Strategy Options
   8.1 Baseline Approach
   8.2 Informal Approach
   8.3 Detailed Risk Analysis
   8.4 Combined Approach
9 Combined Approach
   9.1 High Level Risk Analysis
   9.2 Baseline Approach
   9.3 Detailed Risk Analysis
   9.4 Selection of Safeguards
   9.5 Risk Acceptance
   9.6 IT System Security Policy
   9.7 IT Security Plan
10 Implementation of the IT Security Plan
   10.1 Implementation of Safeguards
   10.2 Security Awareness
   10.3 Security Training
   10.4 Approval of IT Systems
11 Follow-up
   11.1 Maintenance
   11.2 Security Compliance Checking
   11.3 Change Management
   11.4 Monitoring
   11.5 Incident Handling
12 Summary
Annex A An Example Contents List for a Corporate IT Security
         Policy
Annex B Valuation of Assets
Annex C List of Possible Threat Types
Annex D Examples of Common Vulnerabilities
Annex E Types of Risk Analysis Method

Presents techniques for the management of IT security. The techniques are based on the general guidelines laid out in ISO/IEC TR 13335-1 and ISO/IEC TR 13335-2. These guidelines are designed to assist the implementation of IT security.

DocumentType
Standard
Pages
54
ProductNote
Reconfirmed 1998
PublisherName
Information Technology Industry Council
Status
Current

Standards Relationship
ISO/IEC TR 13335-3:1998 Identical

ISO/IEC TR 13335-2:1997 Information technology Guidelines for the management of IT Security Part 2: Managing and planning IT Security
ISO/IEC TR 13335-1:1996 Information technology — Guidelines for the management of IT Security — Part 1: Concepts and models for IT Security

Access your standards online with a subscription

Features

  • Simple online access to standards, technical information and regulations.

  • Critical updates of standards and customisable alerts and notifications.

  • Multi-user online standards collection: secure, flexible and cost effective.