我国与ISO信息安全标准对比研究

研究目的]信息安全标准作为信息安全保障的指导性技术文件在保障我国信息安全方面起到至关重要的作用。有必要对比我国和ISO信息安全标准的差别,以查找问题。研究方法]该研究通过文献计量和知识图谱相结合的方法对402项我国信息安全标准和378项ISO信息安全标准,以及71项我国在研标准计划和82项ISO在研标准计划进行对比分析。研究结论]研究发现,我国信息安全标准从体量和更新速度上略胜ISO。从主题上来看,我国标准着重于技术类和应用类标准的发展,并已超越ISO。但在信息安全管理体系和隐私保护方面,我国相对落后。此外,我国标准化工作效率和完成度仍有提升空间。

A Comparative Study of Chinese and ISO Information Security Standards

Research purpose]Information security standards,as guiding documents for information security assurance,play a vital role in protecting our country's information security.It is necessary to compare the differences between Chinese and ISO information security standards to find problems and keep up with the development trends.Research method]In this study,402 Chinese national information security standards and 378 ISO information security standards,as well as 71 Chinese in-research standard plans and 82 ISO in-research standard plans were compared and analyzed through bibliometrics and knowledge graphs.Research conclusion]The study found that Chinese national information security standards slightly outperform ISO in terms of size and update speed.From the aspect of themes,Chinese national standards focus on the development of technical and application standards,and have surpassed ISO.However,China is relatively backward in terms of information security management system and privacy protection.In addition,there is still room for improvement in the efficiency and completion of standardization work of China.