中大機構典藏-NCU Institutional Repository-提供博碩士論文、考古題、期刊論文、研究計畫等下載:Item 987654321/53265
English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 41677859      線上人數 : 1483
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/53265


    題名: 企業資訊安全體系(ISO27001)導入之研究─以個案公司為例
    作者: 黃泓銘;Hong-ming Huang
    貢獻者: 管理學院高階主管企管碩士班
    關鍵詞: 效益分析;遭遇困難;關鍵成功要素;資訊安全管理系統;ISO27001;The key success factors;Information Security Management System;ISO27001;Benefit from adopting ISMS;Difficulties encountered
    日期: 2012-01-12
    上傳時間: 2012-06-15 20:37:02 (UTC+8)
    摘要: 資訊科技的進步與普及,企業使用資訊系統與依賴資訊的程度也越來越高,企業使用資訊系統來取代單調重複的人工作業,成為企業競爭的利器之ㄧ。企業使用資訊化所帶來的便利,也要預防資訊洩漏所帶來的競爭威脅,故『資訊安全』是企業組織不容忽視的一項重要議題。企業如何善用資源,有效落實資訊安全的政策與管理,是企業組織的挑戰項目之ㄧ。 資訊安全規範最早由英國國家標準協會 (British Standards Institute,BSI) 於1995年提出 BS7799資訊安全管理系統 (ISMS︰Information Security Management System )是為BS7799 Part I,於2005年6月成為 ISO /IEC 17799︰2005國際標準,BS7799 Part II於2005年10月被國際標準化組織 (ISO) 正式採納為ISO/IEC 27001︰2005資訊安全管理系統標準,是現今國際社會最多所認同並採用的資訊安全管理標準。 本文獻屬於個案研究,透過深入訪談的方式,探討個案公司導入資訊安全管理系統 (ISMS︰Information Security Management System )並取得資訊安全認證,歸納出企業導入資訊安全系統時,於評估資訊資產風險要素的過程中所面臨使用者的抗拒、導入前後對於組織資訊安全的的效益以及導入認證的關鍵成功因素。 可作為其他企業導入之參考,縮短導入之時程。 並藉由PDCA ( Plan,Do,Check,Action) 管理循環達到持續改善的要求。The progress and popularization of information technology, business use of information systems and rely on increasingly high level of information, business information systems used to replace repetitive manual tasks, become competitive weapon subsequently. Enterprises to use the convenience of information technology, but also prevent information leakage caused by the competitive threat, so the information security 』『 organization is an important issue can not be ignored. How companies make the best use of resources, effective implementation of information security policy and management, is the challenge of the project organization subsequently. Security specification was first proposed by the British National Standards Institute (British Standards Institute, BSI) in 1995 proposed Information Security Management System BS7799 (ISMS ︰ Information Security Management System) is to BS7799 Part I, in June 2005 to become ISO / IEC 17799 ︰ 2005 International Standard, BS7799 Part II in October 2005 by the International Organization for Standardization (ISO) formally adopted as ISO / IEC 27001 Information Security Management System ︰ 2005 standard, is now the most recognized by the international community and adopt the information security management standards. In this study, case study, the use of in-depth interviews and questionnaire survey, case discussion, Information Security Management System (ISMS ︰ Information Security Management System) and get information security certification, induction into the enterprise information security system of risk assessment of information assets Elements of the resistance faced by users of the benefits and differences between before and after import. Can be used as a reference for other enterprises to import and shorten the time of import process. And achieve continuous improvement requirements through the PDCA (Plan, Do, Check, Action) management cycle.
    顯示於類別:[高階主管企管(EMBA)碩士班] 博碩士論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML720檢視/開啟


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明