本文件通过展示医疗设备或健康信息系统供应商为医疗设施（HCF）中的信息系统提供的远程维护服务（RMS）风险分析实例，为ISMS的实施提供了指南，以保护双方的信息资产（主要是信息系统本身和个人健康数据）安全高效（即经济）的方式。 本文件包括: -ISMS在RMS中的应用； -RMS安全管理措施； -基于ISMS中定义的“控制”的评估和有效性示例。

This document gives a guideline for implementation of an ISMS by showing practical examples of risk analysis on remote maintenance services (RMS) for information systems in healthcare facilities (HCFs) as provided by vendors of medical devices or health information systems in order to protect both sides' information assets (primarily the information system itself and personal health data) in a safe and efficient (i.e. economical) manner. This document consists of: — application of ISMS to RMS; — security management measures for RMS; — an example of the evaluation and effectiveness based on the "controls" defined in the ISMS.