English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 42803675      線上人數 : 1093
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋


    請使用永久網址來引用或連結此文件: http://ir.lib.ncu.edu.tw/handle/987654321/13331


    題名: 資訊人員安全管理對企業資訊系統安全之影響;Influence to that enterprise's information system is safe of personnel's safety management of information
    作者: 林保祥;Pao-Hsiang Lin
    貢獻者: 資訊管理學系碩士在職專班
    關鍵詞: BS7799;資訊安全;人員安全;Personnel Security;Information Security;BS7799
    日期: 2009-06-25
    上傳時間: 2009-09-22 15:29:14 (UTC+8)
    出版者: 國立中央大學圖書館
    摘要: 資訊安全的維護,常常偏重於資訊安全的技術。然而有越來越多的事實表明,資訊安全的層面甚廣,它不僅僅是一個技術問題,而且是一個管理問題。根據統計數據顯示,資訊安全所面臨的問題,屬自然因素所影響的,僅占15%;而人為因素的影響,卻高達85%。更進一步的,在此85%的比例中組織內部人員之原因就占了80%。故人為因素實為近日資訊安全的主要問題,因此如何有效管理人為因素導致的缺失,實為討論及探究的重點。 資訊管理,尤其是資訊人員的管理,必須處理有關「人」的議題,然而,涉及人的議題,似乎總有一些模糊難解之處。至今企業仍然無法發展出一套完美的甄選辦法,正確地為企業篩選出最適當的人才。本研究為國內少數參考BS7799關於人員安全管理規範,將資訊人員的安全管理分為聘用前、聘用後、升職前及定期稽核四個項目,分別探討「聘用前執行品德評估」、「聘用後執行情緒評估」、「升職前考慮品德情緒」及「定期做人員稽核」對資訊安全之影響程度。 本研究以問卷自我評估方式,以就讀於二所知名大學在職專班的同學為研究對象(N=94)。研究發現經營年限、公司規模對資安事件發生無影響,而執行BS7799的企業對資安事件發生有較佳的預防效果;此外執行「聘用前執行品德評估」、「聘用後執行情緒評估」、「升職前考慮品德情緒」及「定期做人員稽核」對於未來發生資安事件之機會較低,同時也對於未來發生資安事件有抑制效果,而大部份的研究對象也同時認為人員品德素質對資安事件之發生有影響。建議實務上由「升職前考慮品德情緒」及「定期做人員稽核」先執行,效果明顯且實施簡易。 The maintenance of the information safety, often overweight the technology of the information safety. According to statistics, the problem that information faces safely, belong to natural factor influence, only account for 15%; And the influence of the human factor, is up to 85%. Further, the reason organizing inside personnel accounts for 80% in 85% of the proportions here. So the human factor is a subject matter of the recent information safety in fact, so what a disappearance of managing the human factor and causing effectively, it is a focal point discussed and probing into in fact. Information management, especially the management of information personnel, must deal with the topic about ' people ', but, the topic related to people, seem to always have some fuzzy and difficult to resolve places. This research consults BS7799 and audit four projects regularly before dividing the safety management of information personnel into employing, after employing, promote, probe into separately “carry out morality and assess before employ”, “carry out after not employing mood assess”, “consider morality mood in front of not promoting” and “do personnel audit regularly” influence degree against information safety. This research assesses the way with the questionnaire oneself(N=94). Discover that the size, company's scale have not influenced the incident of information safety to manage time, and less frequency happens to the incident of information safety to enterprises carrying out BS7799; In addition operational staff safety management happen information safety incident have lower taking place incident of information safety have result of suppressing chances to future.
    顯示於類別:[資訊管理學系碩士在職專班 ] 博碩士論文

    文件中的檔案:

    檔案 大小格式瀏覽次數


    在NCUIR中所有的資料項目都受到原著作權保護.

    社群 sharing

    ::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 隱私權政策聲明