English  |  正體中文  |  简体中文  |  Items with full text/Total items : 52343/87441 (60%)
Visitors : 9116049      Online Users : 378
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/102390

    Title: 國安機關推動資安治理現存問題與落差因素分析之研究
    Other Titles: A study of the problems and gaps of implementation of information security governance of national security government organizations
    Authors: 吳將煇;Wu, Jiang-Hui
    Contributors: 淡江大學資訊管理學系碩士在職專班
    蕭瑞祥;Shaw, Ruey-Shiang
    Keywords: 資安治理;資訊安全;資安治理成熟度;Information Security Governance;Information security;Maturity of Information Security Governance
    Date: 2014
    Issue Date: 2015-05-04 09:54:37 (UTC+8)
    Abstract: 我國2012年有344萬次的駭客攻擊,有251次成為資安事件,鑑於2013年美國史諾登(Edward Snowden)洩密案,對國家安全的影響,從資安的角度來探討其原因,資安治理工作執行的落差也可能是主要的肇因之一,所以本文以我國相關部門為例,探討治理現況與執行上的落差與問題。
    We were attacked by hackers 3,340,000 times in 2012, and almost caused 251 information crisis. That Edward Snowden revealing confidential state secret in 2013 had great influence on the relationship between information security and national security. One of the reasons that cause the case might be lake of information security management. In this study, we discuss the status quo of information security management and investigate the real challenge it faces in our country.
    In this study, we take one of the departments of Ministry of state security as our case study. With relative references about information security policies of our country and that of the government, we use survey to know the status quo of the case and investigate the real challenge it faces, trying to find out if the information security works well, and if there is any obstacle existed in information security between different departments and different positions. The results of this study indicates some gaps among risk management, organizations and personnel does exist, and that’s because lack of policy acknowledgement, training and distinction between responsibility and accountability. The governing body and the information department should help their personnel to fully understand the policy, and help them know more about risk management through ISO27001(CNS27001) and ISO27005(CNS27005). With adequate information security manpower disposition, training, reasonable and definite authorization, the information security of our national system would be much stronger.
    Appears in Collections:[資訊管理學系暨研究所] 學位論文

    Files in This Item:

    File SizeFormat

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback