摘要
安全保密策略是涉密信息系统安全稳定运行的指导依据,安全审计是发现涉密信息系统安全隐患和安全事件的技术手段,风险评估则是涉密信息系统安全建设的起点和基础。文章介绍了涉密信息系统安全保密策略、安全审计、风险评估的概念和内容,分析了三者之间相辅相成的关系。
Security strategy is the guide for running security and stability of the Secret-involved information system, security audit is the technology of discovering security vulnerabilities and event of the Secret-involved information system, Risk evaluation is the starting port and basis of constructing the Secret-involved information system. The paper analyses the relationship between security strategy, security Audit, risk evaluation of the Secret-involved formation system.
关键词
涉密信息系统
安全保密策略
安全审计
风险评估
secret-involved information system
security strategy
security audit
risk evaluation