English  |  正體中文  |  简体中文  |  Items with full text/Total items : 78111/78111 (100%)
Visitors : 30662573      Online Users : 148
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version

    Please use this identifier to cite or link to this item: http://ir.lib.ncu.edu.tw/handle/987654321/67554

    Title: 資訊安全管理之探討 -以A公司在兩岸建構為例
    Authors: 賴冠華;LAI,KUAN-HUA
    Contributors: 高階主管企管碩士班
    Keywords: 資訊安全;BS7799;ISO27001;SWOT 分析;資訊安全管理;Information security;BS7799;ISO27001;SWOT analysis;information security management
    Date: 2015-05-21
    Issue Date: 2015-07-30 21:42:20 (UTC+8)
    Publisher: 國立中央大學
    Abstract: 資訊安全管理已是當今不可忽視的管理議題,其主要之精神乃在於辨識出組織的重要資訊資產及其所面臨的威脅,並在資源有效地分配下,規劃合理之控管措施,以使得風險降至可接受範圍。這是一個資訊安全風險管理的過程,管理的重點應放在組織機密資料的保護,而非所有資料存取的管道,因為如此將造成企業的成本浪費並模糊失焦。近年來國內外層出不窮的資訊安全事件,多為缺乏上述資訊安全風險管理機制所致。
    ;Information security management is non-ignorable management topic, and the key spirit is to identify important information property in organization and the threat been faced, then under effect resource arrangement plan reasonable control policy, and reduce risk to acceptable range. This is an information security risk management process, key point of management should focus on protection of secrete information in organization,instead of all information access channel, because this will cause enterprise waste cost and lost focus as well. Yearly most of information security events from international and domestic are due to lack of above information security risk management mechanism.
    When enterprise during expansion business size, need through information security and management policy to protect the Intelligence Property and secret information, And information user also need security concept to well use company resource, by through regulation, system and authority control to manage and use company information property effetely.
    This research based on BS7799 international security spec, and choose printed circuit board A company as case study, based on case study company information, high level management interview and historical experience, integrate all of information then refer to international and domestic articles, and also from company operation status, information security problem, influence of impact, to show importance of information security by effectiveness of measures and concrete results from improvements and know the difference between before and after of information security structure setup.
    Information security is continue operating plan, even lots of enterprise already setup information security policy but still can not avoid information security events happens, the reason is ignore the importance of security management and did not update continually. In view of this, the study recommends that companies need to continue finding out and feedback areas need to improve, and continue to update information security plan based on requirement at different phase of information security.
    Appears in Collections:[高階主管企管(EMBA)碩士班] 博碩士論文

    Files in This Item:

    File Description SizeFormat

    All items in NCUIR are protected by copyright, with all rights reserved.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明