序号#S/N信息安全要求Information Security Requirements自评得分Self-assessment负责部门ResponsibleDepartment1.1供应商须建立信息安全管理组织并定义其职责,组织各级员工可获取。The suppliers must establish an information securitymanagement organization and define theirresponsibilities, and make them available to to allemployees.11.2供应商应制定信息安全的相关策略(应充分考虑客户的信息安全要求),组织各级员工了解并可获取。The suppliers should establish the informationsecurty policies (Customer's information securityrequirements should be fully considered) and makethem available to all employees.21.3供应商须将****的《供应商来访我司安全保密须知》(最新版文件名为《**** 供应商安全保密须知 》的要求传达至内部相关人员,特别是参与****项目和在****现场调试的人员。The suppliers must pass on the requirements of (The latest file is called "****Supplier Security and Confidential Instructions") torelevant employees, especially those were involved21.4供应商若提供设备电脑给****,设备进入****前须按照****《设备电脑信息安全管理工作指示》进行自查,并将要求传达给相关人员(特别是在****的现场工程师)。If the suppliers provides the equipment computer to****, the equipment must be self-inspectedaccording to the **** "Equipment ComputerInformation Security Management WorkInstruction" before entering the ****, and therequirements are available to the relevant personnel21.5供应商若参与****现场的设备调试,须使用****租赁笔记本电脑进行调试,并将要求传达给相关人员。If the suppliers debug the equipment at ****, theymust use the '**** rental laptop' to debug, and thisrequirement is made available to the relevantpersonnel.21.6供应商须实施项目信息安全管理,尤其是****项目,包含密级划分、人员管理、文档管理、风险评估等。The suppliers must implement project informationsecurity management, especially for **** proje...
