帮忙翻译下这三段,有关安全审计方面,需手工翻译的,谢谢!
3.3securitauditTodeterminetheeffectivenessofsecuritymeasuresforsystemsisassessed.Thea...
3.3 securit audit
To determine theeffectiveness of security measures for systems is
assessed. The aimof an audit is to review the system architecture (including
the informationsecurity documentation) and assess the actual
implementation andeffectiveness of controls for a system.
3.3.1 Audit (first stage)
The purpose of thefirst stage of the audit is to determine that the system
architecture(including information security documentation) is based on
sound securityprinciples and has addressed all applicable controls. During
this stage, thestatement of applicability for the system will also be assessed
along with anyjustification for non-compliance.
3.3.2 Audit (second stage)
The purpose of thesecond stage of the audit is to determine whether the
controls, asapproved by the system owner and reviewed during the first
stage of the audit,have been implemented and are operating effectively.
The implementationof controls must be assessed to determine whether they
have beenimplemented and are operating effectively. 展开
To determine theeffectiveness of security measures for systems is
assessed. The aimof an audit is to review the system architecture (including
the informationsecurity documentation) and assess the actual
implementation andeffectiveness of controls for a system.
3.3.1 Audit (first stage)
The purpose of thefirst stage of the audit is to determine that the system
architecture(including information security documentation) is based on
sound securityprinciples and has addressed all applicable controls. During
this stage, thestatement of applicability for the system will also be assessed
along with anyjustification for non-compliance.
3.3.2 Audit (second stage)
The purpose of thesecond stage of the audit is to determine whether the
controls, asapproved by the system owner and reviewed during the first
stage of the audit,have been implemented and are operating effectively.
The implementationof controls must be assessed to determine whether they
have beenimplemented and are operating effectively. 展开
1个回答
展开全部
3.3 安全审计
为确定系统的安全措施的有效性特此评进行估。审计的目的是为了检查系统结构(包括信息安全文件)并评估系统控制的实际执行情况和有效性 。
3.3.1审计(第一阶段)
第一阶段审计的目的是基于合理的安全准则和所有已解决适用的控制来确定系统架构(包括信息安全文件)。在这个阶段,系统相关报表的适用范围和及其合理性也将同时被评估。
3.3.2章审计(第二阶段)的目的,
第二阶段的审计是确定在第一阶段审计过程中经系统业主批准并复核过的系统控制是否已经执行实施并正有效运行。控制措施必须通过评估来确定是否已经被执行实施、是否已经有效的投入运行。
为确定系统的安全措施的有效性特此评进行估。审计的目的是为了检查系统结构(包括信息安全文件)并评估系统控制的实际执行情况和有效性 。
3.3.1审计(第一阶段)
第一阶段审计的目的是基于合理的安全准则和所有已解决适用的控制来确定系统架构(包括信息安全文件)。在这个阶段,系统相关报表的适用范围和及其合理性也将同时被评估。
3.3.2章审计(第二阶段)的目的,
第二阶段的审计是确定在第一阶段审计过程中经系统业主批准并复核过的系统控制是否已经执行实施并正有效运行。控制措施必须通过评估来确定是否已经被执行实施、是否已经有效的投入运行。
来自:求助得到的回答
本回答由提问者推荐
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
