English  |  正體中文  |  简体中文  |  全文筆數/總筆數 : 49925/85107 (59%)
造訪人次 : 7779702      線上人數 : 46
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
  • 進階搜尋
    請使用永久網址來引用或連結此文件: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/94061


    題名: 我國大專校院資安治理成熟度及其相關因素之分析
    其他題名: Analysis on the maturity of information security governance and relative factors for institutes of higher education in Taiwan
    作者: 洪智能;Hung, Chir-Neng
    貢獻者: 淡江大學管理科學學系博士班
    黃明達;Hwang, Ming-dar
    關鍵詞: 資安治理成熟度;資安治理;資安治理校園實務;資訊安全;資訊治理;成熟度相關因素;成熟度模型;大專校院;Maturity of Information Security Governance;Information Security Governance;Academic Security Governance;Information security;Information Technology Governance;ISG Model;Higher education
    日期: 2013
    上傳時間: 2014-01-23 13:52:36 (UTC+8)
    摘要: 由於網路的安全問題層出不窮,學校不僅是受害者,也是加害者,使得資訊安全及資安治理在配合國家政策與整體投入資源有限的狀況下,如何提升學校資訊安全與治理等級,應做通盤了解與因應。
    本研究使用問卷調查方法,針對我國大專校院資安治理成熟度做調查,主要的目的在於評估大專校院各校資安治理成熟度、探討資安治理成熟度相關因素,並提供資安治理成熟度提升模式及其改善之道;發出164份調查問卷,請各校資訊單位主管進行問卷填答,回收153份問卷,回收百分比為93.3%,扣除無效問卷4份,實際回收有效問卷為149份,有效樣本回收百分比為90.9%。
    根據資安治理成熟度計算公式,發現學校資安治理成熟度低者占51%,中者占32.2%,高者占16.8%;使用判別分析確認資安治理成熟度低、中、高是可區別的,有87.2%交叉驗證成熟度低、中、高3組觀察值已正確分類,使用相關分析,發現34個項目與資安治理成熟度有相關顯著,針對相關顯著項目,使用ANOVA,檢定資安治理成熟度低、中、高各等級對各項目均數差異的顯著性,有31個項目具有顯著,確認各項目均數差異後,並以 post hoc 全距檢定和LSD來確認資安治理成熟度由低至中、由低至高及由中至高的項目是否有差異顯著,發現由中至高有2個項目未達顯著外,其餘皆達顯著,而且這些項目皆為資安治理成熟度相關項目。
    為有效提升大專校院資安治理成熟度,尋找成熟度各等級之相同特徵與相關因素,本研究並發展資安治理成熟度概念圖及資安治理成熟度提升模式,含資安治理成熟度低者提升至成熟度中者、成熟度中者提升至成熟度高者的相關項目,並使用統計判別分析、相關分析、變異數分析等找出資安治理成熟度相關因素、顯著項目,從不同構面比較後,找出資安治理成熟度等級容易往上提升的項目,發現各校資安治理面臨的問題,普遍性是業務IT依賴度偏高,而資安治理成熟度偏低,尤其風險管理構面各項目更是偏低,各校可依自己資安治理成熟度現況,找出最容易提升成熟度之項目,達到資安治理成熟度改善的目的。
    This study used a questionnaire survey method, investigating the maturity of information security governance for institutes of higher education in Taiwan. The main objective is to assess the maturity of information security governance for institutes, exploring the factors concerned, providing the model for promoting the maturity of information security governance, and improvement methods. Questionnaires are sent to 164 information unit supervisors in schools, and 153 are returned. The return percentage is 93.3% excluding four invalid ones, and effective questionnaire is 149, the effective sample return percentage is 90.9%.
    According to formula of governance maturity of the information security, it was found that schools with low rate of security governance maturity take up 51%, schools with medium rate 32.2%, high 16.8%; with discriminant analysis, it is confirmed that the governance maturity of the information security can be distinguished in low, medium, and high rate. With 87.2% cross validation, three observation groups of low, medium and high maturity have been classified. With correlation analysis, it is found that 34 items have significant correlation with governance maturity of the information security. With analysis of variance (ANOVA), the least significant difference (LSD) between item average with verification governance maturity of the information security grade of high, medium, and low is checked to find there are 31 items with significant differences. After confirming every item mean significant difference, post hoc range test and ANOVA multiple comparison LSD are used to confirm whether there is significant differences between the items of governance maturity of the information security from low to medium, from low to high and from medium to high. It is found that only two items from medium to high are not significant, the rest are significant, and these items are the related items of governance maturity of the information security.
    This study aims to develop governance maturity of the information security promotion mode, find school security management problems, which are generally about too much IT Reliance, while the governance maturity of the information security is low, especially the items in the risk management aspect the project are quit low. Each school can find the easiest items of the maturity to improve according to their own governance maturity of the information security status, to promote the governance maturity of the information security.
    顯示於類別:[管理科學學系暨研究所] 學位論文

    文件中的檔案:

    檔案 大小格式瀏覽次數
    index.html0KbHTML63檢視/開啟

    在機構典藏中所有的資料項目都受到原著作權保護.

    TAIR相關文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - 回饋