Building an Information Technology Security Awareness and Training Program

NIST

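  • Publisher: CreateSpace Independ
  • Publication date: 2013-12-12
  • Price: $810
  • VIP price: $770 (95% of list price)
  • Language: English
  • Pages: 72
  • Binding: Paperback
  • ISBN: 1494469979
  • ISBN-13: 9781494469979
  • Related category: Information Security
  • Overseas purchase-on-demand book (must be checked out separately)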

Product description

NIST Special Publication 800-50, Building An Information Technology Security Awareness and Training Program, provides guidance for building an effective information technology (IT) security program and supports requirements specified in the Federal Information Security Management Act (FISMA) of 2002 and the Office of Management and Budget (OMB) Circular A-130, Appendix III. The document identifies the four critical steps in the life cycle of an IT security awareness and training program: 1) awareness and training program design (Section 3); 2) awareness and training material development (Section 4); 3) program implementation (Section 5); and 4) post-implementation (Section 6). The document is a companion publication to NIST Special Publication 800-16, Information Technology Security Training Requirements: A Role- and Performance-Based Model. The two publications are complementary: SP 800-50 works at a higher strategic level, discussing how to build an IT security awareness and training program, while SP 800-16 is at a lower tactical level, describing an approach to role-based IT security training.
