English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 51275/86342 (59%)
造訪人次 : 8145942      線上人數 : 91
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/105527


    題名: 個人資料檔案風險評鑑威脅與弱點項目之研究
    其他題名: A study of the threat and vulnerability items for risk evaluation of personal information files
    作者: 陳俊谷;Chen, Jun-Gu
    貢獻者: 淡江大學資訊管理學系碩士在職專班
    蕭瑞祥;Shaw, Ruey-Shiang
    關鍵詞: 個人資料保護;個資管理;風險評鑑;personal data protection;Personal Information Management;Risk Evaluation
    日期: 2015
    上傳時間: 2016-01-22 14:58:19 (UTC+8)
    摘要: 本研究旨在整合資安風險評鑑與個資風險評鑑之作法,進而探討個資檔案於風險評鑑時,可以用以評估風險之威脅項目與對應之弱點項目。本研究以文獻分析法彙整資訊資產風險評鑑之威脅與弱點配對項目,再經二次專家訪談,蒐集專家對於資訊資產與個資風險評鑑之觀點,以及資訊資產威脅與弱點配對項目用於個資檔案風險評鑑之建議,進而得出適用於個資檔案風險評鑑之威脅與弱點項目。

    研究結果發現,已導入資安管理系統ISMS的組織,可整合資訊資產風險評鑑與個資檔案風險評鑑,以一致的評估方式,減少風險評鑑重複執行。若導入「個人資料保護參考指引」之風險評鑑架構,可加入詳細風險評鑑方法,以配合企業原有ISMS之作法。本研究並由68個資訊資產威脅與弱點項目,彙整出38項主要個資檔案威脅與弱點評估項目,及12項次要評估項目,提供企業進行個資檔案詳細風險評鑑之基礎,並可節省時間與成本。
    This study would explore the risk evaluation integration of information security and personal information files, and then explore the threat and vulnerability items for risk evaluation of personal information files. This study collected the threat and vulnerability items for information asset risk evaluation by literature analysis method.

    Through the expert interview and options collection for integration of information security and personal information files, and the suggestion of the threat and vulnerability items for personal information files risk evaluation, the result shows that enterprise should integrate the information security risk evaluation and personal information file risk evaluation to reduce the effort. If companies implement the “Personal Data Protection Reference Guide", the findings recommend to practice with detail risk evaluation method. This study also organized 38 threat and vulnerability items to reduce the loading of personal information file risk evaluation and to support the integration of risk evaluation for information security and personal information files.
    顯示於類別:[資訊管理學系暨研究所] 學位論文

    文件中的檔案:

    檔案 描述 大小格式瀏覽次數
    index.html0KbHTML60檢視/開啟

    在機構典藏中所有的資料項目都受到原著作權保護.

    TAIR相關文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋