摘要
在信息安全管理工作中经常会遇到两个术语:风险评估(RA)与业务影响分析(BIA),两者具有很大的相似性,却又是两个不同的概念,它们的关注点和侧重点均有所差别,从多个方面对两个概念的区别与联系进行了分析。
In information security management people often meet with two terms: risk assessment(RA)and business impact analysis(BIA).They have a lot of similarities,but they are two different concepts.Their concerns and focus are different.This paper analyzes the difference and connection of the two concepts from several aspects.
出处
《计算机安全》
2011年第4期79-81,共3页
Network & Computer Security
关键词
信息安全管理
风险评估
业务影响分析
information security management
risk assessment
business impact analysis
