GB/T 20984-2007 Translated English of Chinese Standard. (GBT 20984-2007, GB/T20984-2007, GBT20984-2007): Information security technology - Risk assessment specification for information security [Buy--download True-PDF in 3-second: https://play.google.com/books > Sign in > This BOOK > "3-dots" > Export > Save as "*.pdf"]https://www.chinesestandard.net, 2019 M01 13 - 55 pages This standard proposes the basic concepts, element relationships, analysis principles, implementation processes, assessment methods of risk assessment, as well as the implementation key-points and working forms of risk assessment at different stages of the life cycle of information system. This standard applies to normalizing the risk assessment work carried out by the organization. |
Common terms and phrases
according application software assessment and management assessment results asset A1 asset identification asset value Assigned value business strategy Calculate the loss calculate the risk calculation method Calculation of risk confidentiality damage database design plan electromagnetic interference element value environment existing security measures exploited by threat frequency of occurrence frequency of threats GB/T hardware hierarchical treatment impact important assets information security information system Inspection-assessment intrusion detection system likelihood of occurrence loss caused loss of security management tools management vulnerability matrix method multiplication method obsolete occurrence of security operating system organization organization’s personnel principle of risk relevant residual risk risk analysis risk assessment process risk assessment tool risk calculation risk elements risk management plan risk matrix security attributes security incident loss security requirements security risk self-assessment Severity of vulnerability specific standard technical technical vulnerability threat T1 value-assignment Very-high Very-low vulnerability identification vulnerability scanner vulnerability scanning tools vulnerability V1