English  |  正體中文  |  简体中文  |  Items with full text/Total items : 52047/87178 (60%)
Visitors : 8709836      Online Users : 129
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/34142

    Title: 資通安全治理之研究-以民間企業為例
    Other Titles: A study of information security governance - cases study of private sectors
    Authors: 郭祐誠;Kuo, Yu-cheng
    Contributors: 淡江大學資訊管理學系碩士班
    黃明達;Hwang, Ming-dar
    Keywords: 資通安全治理;個案研究;IT治理;Information Security Governance;Case Study;IT Governance
    Date: 2008
    Issue Date: 2010-01-11 04:57:58 (UTC+8)
    Abstract: 根據行政院資通安全會報統計,在2006年的600家受訪企業中,約有108家企業曾經發生6件以上實際造成損害的資安事件。資通安全在過去常被視為技術層面上的議題,管理層面較少受到重視,所以本研究欲了解資安事件發生頻率如此高的原因是否為董事會參與程度不足,或是沒有制定相關法規加以約束,故探討透過資通安全治理是否能協助組織改善資安議題並減少資安事件的發生。
    According to the statistics of ICST in 2006, there are about 108 companies that have been attacked more than 6 times among the 600 companies surveyed. Information Security was regarded as a technical issue, and not considered as a managing one. Therefore, the study is trying to find out the reasons which result the highly frequent happening of information security breach, they may be caused by short participation of Board of Directors or shortage of relevant legislation, and find the answers which can help the organization prevent or decrease the situation.
    The author of the study has participated in the research plan, which is about ISG of public and private sectors. The study focuses on the maturity of ISG of domestic enterprises. Through the case study, we try to realize the situation of information security governance of private sectors. The research method of the study is multi-case study. We try to discuss the maturity of ISG of private sectors. We also use indepth interview to understand the problems of conducting ISG. The results of the study show as following. First, the boards and senior executives do not think ISG which is necesarry. Second, the employees who are responsible for ISG don''t fully understand what they are supposed to do. Third, we are lack of external incentives and pressures such as regulations. Finally, we are lack of the consultation and assistance of practices of conducting ISG.
    Appears in Collections:[資訊管理學系暨研究所] 學位論文

    Files in This Item:

    File SizeFormat

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback