完整後設資料紀錄
DC 欄位語言
dc.contributor.author許志宜en_US
dc.contributor.authorHsu, Chih-Yien_US
dc.contributor.author羅濟群en_US
dc.contributor.authorLo, Chi-Chunen_US
dc.date.accessioned2015-11-26T00:56:59Z-
dc.date.available2015-11-26T00:56:59Z-
dc.date.issued2015en_US
dc.identifier.urihttp://140.113.39.130/cdrfb3/record/nctu/#GT070263423en_US
dc.identifier.urihttp://hdl.handle.net/11536/126825-
dc.description.abstract在資訊科技進步、網際網路發達以及雲端服務盛行的時代,大部份企業的運作都仰賴網際網路所提供的相關服務。若沒有做好資訊安全管理,風險高也容易造成企業損失。為了避免在使用資訊科技後,資料外洩、駭客入侵…等未蒙其利先蒙其弊的情況發生,資訊安全有其必要性。普遍來說,傳統產業對資訊科技的使用較為落後,也較不重視資訊安全管理,故本研究希望提出建構傳統產業資訊安全管理架構的程序,以協助傳統產業進行資訊安全管理。首先了解行政院對政府機關所規範的資通安全責任等級,參考其分級並提出傳統產業的資訊安全分級原則。再由國家安全資通會報所提出的資安健診項目以及業界常見的資安缺失和解決方案,進行分析及歸納後,提出資訊安全重點管理項目以及ISO 27001 國際標準的對應。依據傳統產業之行業特性及業務需求,提出建議之資訊安全管理架構。依此,M公司研發單位可先進行自身的資訊安全分級,並針對該等級的資訊安全管理架構做現況檢核,就知道哪些項目需要改善。進而降低資訊安全風險,保護企業資產。zh_TW
dc.description.abstractIn recent years, Information technology, Internet and cloud services are very popular and progress. The operations of most enterprises depend on Internet-related services. If there is no good information security management, enterprises will get higher risk to cause damage. Generally speaking, traditional industries don’t attach importance to information technology and information security management. Therefore, this study is to propose solutions for improving information security architecture of traditional industries. First, understand the information security responsibilities level of government then propose information security demand first level of industries. Second, based on the characteristics of traditional industries, propose information security demand second level. Third, based on the information security healthy clinics of government, usual information security questions and solutions, propose the information security management items. Fourth, the information security management items reflect to the control objectives of ISO 27001. Fifth, base on the information security demand second level, suggest which information security management items need to improve. Finally, the enterprise of traditional industries can use the information security demand level and suggestions to improve information security management items. So enterprise can construct information security management architecture then to reduce information security risks and protect enterprise assets.en_US
dc.language.isozh_TWen_US
dc.subject資料外洩zh_TW
dc.subject資訊安全zh_TW
dc.subject傳統產業zh_TW
dc.subjectData Lossen_US
dc.subjectInformation Securityen_US
dc.subjectTraditional Industriesen_US
dc.title一個建構傳統產業資訊安全管理架構的程序 -以M公司研發單位為例zh_TW
dc.titleA Procedure for constructing the Information Security Management Architecture of Traditional Industries - A Case Study of the R&D Department of Company Men_US
dc.typeThesisen_US
dc.contributor.department管理學院資訊管理學程zh_TW
顯示於類別:畢業論文