|
+ISMS.1.A10 Drawing Up a Security Concept (S) |
1. ÜbersichtISMS.1.A10 Drawing Up a Security Concept (S)For the specified scope (the information domain), an adequate security concept SHOULD bedrawn up as the central document in the security process. It SHOULD also be decided whether the security concept can also consist of several sub-concepts that are drawn up successively to establish the required level of security in selected areas first. In the security concept, specific security safeguards appropriate for the information domain under consideration MUST be derived from the security objectives of the organisation in question, the protection needs identified, and the risk evaluation conducted. The security process and the security concept MUST take the individually applicable regulations and provisions into account. The safeguards provided in the security concept MUST be implemented promptly in practice. Their implementation MUST be planned and monitored.
1.1 Referenzen1.2 Identifizierte Anforderungen1.2 Related Regulation2. Identifizierte Anforderungen
3. Related Regulations
|