This guiding technical document specifies the content and process of information security risk management, and provides guidance for information security risk management at different stages of the information system life cycle. This guiding technical document is applicable to guide organizations to carry out information security risk management.
GB/Z 24364-2009 Referenced Document
GB 17859-1999 Classified oriteria for security protection of computer information system
GB/T 18336.2-2008 Information technology. Security techniques. Evaluation criteria for IT security. Part 2: Security functional requirements
GB/T 20984-2007 Information Security Technology Information Security Risk Assessment Specification
GB/T 22081-2008 Information technology.Security techniques.Code of practice for information security management
GB/Z 24364-2009 history
2023GB/T 24364-2023 Information Security Technology Information Security Risk Management Implementation Guide
2009GB/Z 24364-2009 Information security technology.Guidelines for information security risk management
GB/Z 24364-2009 Information security technology.Guidelines for information security risk management was changed to GB/T 24364-2023 Information Security Technology Information Security Risk Management Implementation Guide.