6.reference documentation 參考文檔

-Government IT Security Documents/政府資訊科技保安文件

https://www.ogcio.gov.hk/en/our_work/information_cyber_security/government/

-Professional Methodologies/專業(yè)的方法論

https://www.ogcio.gov.hk/en/our_work/infrastructure/

The Contractor shall comply with the following Government regulations, policies, standards, guidelines, methodologies and quality requirements:

承包商應(yīng)遵守以下政府法規(guī)、政策、標(biāo)準(zhǔn)、指南、方法和質(zhì)量要求:

a.Baseline IT Security Policy /基線IT安全策略

b.IT Security Guidelines/IT安全指南

c.Practice Guide for Security Risk Assessment & Audit/安全風(fēng)險(xiǎn)評(píng)估與審計(jì)實(shí)踐指南

d.Practice Guide for Information Security Incident Handling/信息安全事件處理實(shí)踐指南

e.Practice Guide for IT Outsourcing/信息技術(shù)外包實(shí)踐指南

f.The Interoperability Framework for the e-Government/電子政務(wù)互操作框架

g.Best Practices for Business Analyst/業(yè)務(wù)分析師的最佳實(shí)踐

h.Effective Systems Analysis and Design Guide/高效系統(tǒng)分析與設(shè)計(jì)指南

i.Practice Guide for Agile Software Development/敏捷軟件開發(fā)實(shí)踐指南

j.Practice Guide for Scoping and Planning of Large-scale IT System Development Projects/大型IT系統(tǒng)開發(fā)項(xiàng)目的范圍界定和規(guī)劃實(shí)踐指南

k.The Government Technology and System Architectures (“GTSA”) Framework/政府技術(shù)和系統(tǒng)架構(gòu)（“ GTSA ”）框架

l.Common Look and Feel Guidelines and Design Specifications /通用觀感指南和設(shè)計(jì)規(guī)范

(For Government websites, the contractor needs to adopt mobile friendly design to provide good user experience with different devices (including desktop, notebook computers, tablets & smartphones) in accordance to the "Common Look and Feel Guidelines and Design Specifications".)

（對(duì)于政府網(wǎng)站，承包商需要采用移動(dòng)友好設(shè)計(jì)，以根據(jù)“通用外觀指南和設(shè)計(jì)規(guī)范”，在不同設(shè)備（包括臺(tái)式電腦、筆記本電腦、平板電腦和智能手機(jī)）上提供良好的用戶體驗(yàn)。）

m.Security Regulations/安全條例

n.Practice Guide for Website and Web Application Security/網(wǎng)站和Web應(yīng)用程序安全實(shí)踐指南

o.Practice Guide for Mobile Security/移動(dòng)安全實(shí)踐指南

p.Practice Guide for Internet Gateway Security/互聯(lián)網(wǎng)網(wǎng)關(guān)安全實(shí)踐指南

q.Baseline IT Security Policy for the WSD/水務(wù)署資訊科技保安政策基線

r.The Government Cloud Adoption Framework (“GCAF”)/政府云采用框架（“ GCAF ”）

s.Any other relevant regulations, policies, guidelines and procedures issued by OGCIO and WSD/政府資訊科技總監(jiān)辦公室及水務(wù)署發(fā)出的任何其他有關(guān)規(guī)例、政策、指引及程序

?which are based on the prevailing Government standards and methodologies that?can be found at OGCIO’s website (https://www.ogcio.gov.hk/en/infrastructure/methodology/?).