English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 58317/91854 (63%)
造訪人次 : 14028546      線上人數 : 102
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/92934

    題名: 資訊安全風險管理實務落差之探討--以某財團法人機構為例
    作者: 梁德昭;張嘉琪
    貢獻者: 淡江大學資訊管理學系
    關鍵詞: ISO 31000;風險管理;資訊安全風險管理
    日期: 2013-05-25
    上傳時間: 2013-10-24 07:28:37 (UTC+8)
    摘要: This study focus on whether or not the IRM is well effectively controlled in practice, and compare their managerial activities of IRM with the requirements of ISO 31000 for a non-profit organization which has been adopted IRM based on ISO 27001. The differences of existed IRM management and the ISO 31000 standard are figured out and then raise the related issues to explore. Through the experts interview and opinions collection and analysis, results show that the mainly course of IRM is not practically effectiveness is lack of relevant knowledge of IRM organizational-wise, and thus also due to the reason of lack of supervisor support, hence also lack of resources and manpower to be put into IRM. The conclusion of this study could be as a hint to those organizations or businesses, before they are adopting ISMS, have to increase the awareness of IRM in advance, so that activities of IRM can be really put into practices to effectively control the potential information risk of organization.
    本研究旨在探討以某採用ISO 27001為基礎導入資安風險管理之非營利組織對組織的風險管理是否落實並且達到有效控管,並從ISO 31000與現有管理方式二者之間的落差探究其原因。將ISO 31000與組織現有管理方式比對分析並透過專家訪談蒐集意見,從訪談結果分析歸納出組織內部對於資安風險管理認知不足及缺乏為首要主因,因此也影響主管支持程度當資源及人力較為缺乏的情況下即無法真正有效達到風險管理。期望未來企業/組織在導入ISMS時,能參考本研究之建議,提高組織資安風險管理認知,讓風險管理能落實於組織內部所有活動,才能有效控制組織潛在資訊風險。
    關聯: 第24屆國際資訊與管理學術研討會,16頁
    顯示於類別:[資訊管理學系暨研究所] 會議論文


    檔案 描述 大小格式瀏覽次數
    P157F.pdf321KbAdobe PDF2405檢視/開啟



    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋