English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 51756/86971 (60%)
造訪人次 : 8355349      線上人數 : 80
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/111165

    題名: 資訊安全稽核作業評量輔助系統之研究
    其他題名: The research of information security auditing operation and assessment assisting system
    作者: 李沛倫;Li, Pei-Lun
    貢獻者: 淡江大學資訊管理學系碩士在職專班
    劉艾華;Liou, Ay-Hwa Andy
    關鍵詞: ISO/IEC 27001:2005;資訊安全威脅;資訊安全稽核;評量輔助系統;Information Security Threat;Information Security Aduit;Assessment Assisting System
    日期: 2016
    上傳時間: 2017-08-24 23:45:35 (UTC+8)
    摘要: 近年來企業組織面臨各種資訊安全威脅,推動與執行以ISO/IEC 27001:2005 資訊安全標準的稽核作業早已蔚為趨勢;但傳統人工資訊安全稽核作法有稽核結果錯誤率高、執行時間冗長且效率不彰、以及紙本紀錄無法保存長久且不環保、與稽核經驗無法有效傳承等等缺點。

    In the face of increasing information security threats, it is now a trend among business organizations to promote and implement security audits based on the ISO/IEC 27001:2005 information security standards. However conventional manual audit has a number of shortcomings, including high error rate, time consuming, lack of efficiency, inability to preserve paper records indefinitely which is also environmentally unfriendly, and inability to effectively pass on the audit experience.

    This study uses a legal entity as an example and its existing information security audit checklist as basic conditions and follows the traditional audit process and planning model to design and establish a systematic and action-oriented audit and assessment aid system; scalable template features are also included for replacement of information of different natures needed during the auditing process while the use of handheld devices can eliminate the time and space constraints for effective audit log management; past audit report information of the business organization can be pre-loaded for conducting audit activities based on the new scoring model. The results of objective information security audit can be obtained through back-end database and comparative analysis on the audit results based on the old and new models.
    顯示於類別:[資訊管理學系暨研究所] 學位論文


    檔案 描述 大小格式瀏覽次數



    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋