運用資訊服務管理與資訊安全管理建構企業資訊治理系統－以宏□公司為例

Abstract

迄今大部份的企業已能意識到資訊技術帶來的效益，成熟的善用資訊技術來協助企業的發展已是必然的趨勢。經營績效優良的企業，IT投資報酬率絕大部分都高於競爭對手，其最大因素在於IT治理人能善用資訊技術。資訊治理的目的，就是能清楚了解IT策略的目標、資訊資源的使用、風險衝擊的趨避、業務流程的支援，法律法規的遵循。 本研究的重點，在探討企業如何運用資訊服務管理（ITSM）與資訊安全管理（ISMS）建構資訊治理系統。協助企業實行資訊治理時，有效進行策略校準、流程改善與風險控制三大目標，並樹立企業資訊治理的典範。

This study focuses on how to use IT services management (ITSM) and information security management system (ISMS) construction information management system. So far the majority of enterprises have been aware of the benefits of information technology, and sophisticated use of information technology to assist in the development of enterprises is an inevitable trend. Operating performance of excellent enterprises, most of IT investment rate of return higher than competitors, the biggest factor is that people can make good use of IT governance of information technology. The purpose of information governance is to clearly understand IT policy objectives, the use of information resources, risk, rush to avoid impact, business process support, laws, and regulations. Assist the process of implementing IT governance, effective strategy calibration, process improvement and risk control of three major goals, and establish a model of enterprise information management.