当前位置:网站首页>What does grade evaluation mean? What is included in the workflow?
What does grade evaluation mean? What is included in the workflow?
2022-06-30 21:13:00 【Xingyun housekeeper】
Equal insurance 2.0 The policy is in full swing , However, there are still many enterprises for waiting insurance 2.0 The policy is not well understood , For example, I don't know what grade evaluation means ? What is included in the workflow, etc . Today we will give you a brief explanation .
What does grade evaluation mean ?
Grade evaluation refers to the evaluation of information security grade protection , Simply put, it is the evaluation of the protection of information and its carriers according to their importance . Specifically, it is a qualified evaluation institution certified by the Ministry of public security , According to the national code for classified protection of information security , Entrusted by relevant units , In accordance with the relevant management norms and technical standards , The activity of testing and evaluating the security level protection status of information system .
What does the rating evaluation workflow include ?
1、 System grading , For business 、 assets 、 Research on safety technology and safety management , Determine the grading system , Prepare the grading report , Provide assistance in grading service , Assist the user to complete the grading report , Organize expert review ;
2、 Equal warranty filing , Take the grading report and filing form to the local public security network supervisor for system filing ;
3、 Construction rectification , Refer to grading requirements and Standards , Rectify and reinforce the information system , Build a safety management system ;
4、 Rating , The evaluation organization evaluates the information system level , Form evaluation report ;
5、 Compliance supervision and inspection , Submit the evaluation report to the local public security network supervisor , The public security organ shall supervise and inspect the work of graded protection .
Knowledge development : Description of basic evaluation activities of grade evaluation
1、 Evaluation preparation activities
This activity is the premise and foundation of grade evaluation , It is the guarantee of the effectiveness of the whole grade evaluation process . Whether the evaluation preparation is sufficient is directly related to whether the follow-up work can be carried out smoothly . The main task of this activity is to master the details of the tested system , Prepare test tools , Prepare for the preparation of evaluation scheme .
2、 Programming activities
This activity is the key activity to carry out grade evaluation , Provide the most basic documents and guidance scheme for on-site evaluation . The main task of this activity is to determine the evaluation object suitable for the tested information system 、 Evaluation index and evaluation content, etc , And reuse or develop evaluation instructions as needed , Form evaluation scheme .
3、 On site evaluation activities
This activity is the core activity of grade evaluation . The main task of this activity is to meet the overall requirements of the evaluation scheme , Strictly implement the evaluation instructions , Implement all evaluation items step by step , Including unit evaluation and overall evaluation , To understand the real protection of the system , Get enough evidence , Find security problems in the system .
4、 Analysis and report preparation activities
This activity is to give the results of grade evaluation , It is a comprehensive evaluation activity to summarize the overall safety protection capability of the tested system . The main task of this activity is based on the on-site evaluation results and the relevant requirements of the insurance policy , It is determined by the results of individual evaluation 、 Unit evaluation result judgment 、 Methods such as overall evaluation and risk analysis , Find out the gap between the safety protection status of the whole system and the protection requirements of the corresponding level , And analyze the risks faced by the tested system due to these gaps , So as to give the grade evaluation conclusion , Form the evaluation report text .
边栏推荐
- uniapp-路由uni-simple-router
- Personal developed penetration testing tool Satania
- Basic concepts of tree
- Open source internship experience sharing: openeuler software package reinforcement test
- sqlserver 字符串类型转换成小数或者整数类型
- 申请Vector 总线协议彩图壁纸挂画,非常棒哦!
- 文本识别-SVTR论文解读
- How to run jenkins build, in multiple servers with ssh-key
- Et la dégradation du modèle de génération de texte? Simctg vous donne la réponse
- Text recognition svtr paper interpretation
猜你喜欢
毕业五年,想当初若没有入行测试,我是否还会如这般焦虑
Adobe Photoshop (PS) - script development - remove file bloated script
报错:Internal error XFS_WANT_CORRUPTED_GOTO at line 1635 of file fs/xfs/libxfs/xfs_alloc.c.
Software engineering UML drawing
ArcGIS construction and release of simple road network data service and rest call test
How to move forward when facing confusion in scientific research? How to give full play to women's advantages in scientific research?
多态在代码中的体现
CentOS - enable / disable Oracle
qiao-npms:搜索npm包
On the charm of code language
随机推荐
报错FileSystemException: /datas/nodes/0/indices/gtTXk-hnTgKhAcm-8n60Jw/1/index/.es_temp_file:结构需要清理
Learning summary
开发技术-获取10分钟前的时间
遇到“word在试图打开文件时遇到错误”怎么办?
【等级测评师】等级测评师怎么报名?多少分及格?
Iclr'22 spotlight | how to measure the amount of information in neural network weights?
升级kube出现unknown flag: --network-plugin
Double solid histogram / double y-axis
Use the log server to output the topn of various Apache logs
网络营销之四大误解
A small step in code change and a big leap in thinking
How to move forward when facing confusion in scientific research? How to give full play to women's advantages in scientific research?
B_QuRT_User_Guide(32)
个人开发的渗透测试工具Satania
加密与解密以及OpenSSL的应用
asp.net core JWT传递
减少嵌入式软件调试时间的三个技巧
Metauniverse may become a new direction of Internet development
ca i啊几次哦啊句iu家哦11111
测试勋章1234