YD/T 1621-2007 (English Version) PDF

Scope: This standard specifies the network and information security service qualification requirements that organizations that provide network and information security services to telecommunications operating enterprises should possess. This standard is applicable to the network and information security service qualification assessment of organizations that provide network and information security services to telecom operating enterprises. It can be used as a basis for telecom operating enterprises to select network and information security service providers, and can be used as a basis for relevant national competent authorities to evaluate network and information security service providers. Technical specifications for management and inspection by network and information security service providers can also provide guidance for network and information security service providers to improve their own capabilities.

YD/T 1621-2007 Referenced Document

GB/T 19000.3-2001 Quality management and quality assurance standards--Part 3: Guidelines for the application of GB/T 19001-1994 to the development,supply,installation and maintenance of computer software
GB/T 19001-2000 Quality management systems-Requirements
GB/T 19004.2-1994 Quality management and quality system elements--Part2:Guidelines for services
GB/T 19004.4-1994 Quality management and quality system elements-Part 4:Guidelines for quality improvement
ISO/IEC 21827:2002 Information technology - Systems Security Engineering - Capability Maturity Model (SSE-CMM?)

2007 YD/T 1621-2007 Evaluation Criteria for Competence of Information Security Service Provider