|
Cyber Essentials is a UK government scheme encouraging organisations to adopt good practice in information security. It includes an assurance framework and a simple set of security controls to protect information from threats coming from the internet. It was launched in 2014 by the Department for Business, Innovation and Skills.〔(【引用サイトリンク】url=http://ico.org.uk/news/current_topics/cyber-essentials )〕 ==Assurance framework== Organisations can earn two levels of certification, or badges:〔(【引用サイトリンク】url=https://www.cyberstreetwise.com/cyberessentials/files/assurance-framework.pdf )〕 * Cyber Essentials: Organisations self-assess their systems, and this assessment is independently verified. * Cyber Essentials Plus: Systems are independent tested, and Cyber Essentials is integrated into the organisation's information risk management. Annual recertification is required. Certifying bodies are, in turn, licensed by accreditation bodies, which have been appointed by UK government. CREST has developed an assessment framework.〔(【引用サイトリンク】url=http://www.crest-approved.org/industry-government/cyber-essentials/ )〕 As with ISO/IEC 27001:2005, organisations may choose to limit the scope of certification to a certain subset of their business. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Cyber Essentials」の詳細全文を読む スポンサード リンク
|