In order to evaluate the effectiveness of the Information Security Management System (ISMS) and control measures or groups of control measures implemented in accordance with the provisions of GB/T 22080-2008, this standard provides guidance on how to prepare measures and measurements and how to use them . This International Standard is applicable to organizations of all types and sizes.
GB/T 31497-2015 Referenced Document
GB/T 22080-2008 Information technology.Security techniques.Information security management systems.Requirements
GB/T 29246-2012 Information technology.Security techniques.Information security management systems.Overview and vocabulary
GB/T 31497-2015 history
2024GB/T 31497-2024 Information Technology Security Technology Information Security Management Monitoring, Measurement, Analysis and Evaluation
2015GB/T 31497-2015 Information technology.Security techniques.Information security management.Measurement