Professional Standard - Post and Telecommunication
Latest
YD/T 2252-2011
Scope
This standard specifies the service capability requirements that network and information security risk assessment service providers should possess, as well as the requirements for the evaluation of information security risk assessment service providers. This standard is applicable to the evaluation of the service capabilities of network and information security risk assessment service providers. It can be used as a basis for information system owners to select information security risk assessment service providers, and for relevant competent authorities to manage information security risk assessment service providers. The technical specifications can also provide a reference for information security risk assessment service providers to improve their service capabilities.
YD/T 2252-2011 Referenced Document
GB/T 20984 Information security technology—Risk assessment method for information security*, 2022-04-15 Update
GB/T 5271.8 Information technology-Vocabulary Part 8: Security
YD/T 2252-2011 history
2011YD/T 2252-2011 Evaluation criteria of service capability for network and information security risk assessment