English  |  正體中文  |  简体中文  |  Items with full text/Total items : 51281/86342 (59%)
Visitors : 8151901      Online Users : 75
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/94061


    Title: 我國大專校院資安治理成熟度及其相關因素之分析
    Other Titles: Analysis on the maturity of information security governance and relative factors for institutes of higher education in Taiwan
    Authors: 洪智能;Hung, Chir-Neng
    Contributors: 淡江大學管理科學學系博士班
    黃明達;Hwang, Ming-dar
    Keywords: 資安治理成熟度;資安治理;資安治理校園實務;資訊安全;資訊治理;成熟度相關因素;成熟度模型;大專校院;Maturity of Information Security Governance;Information Security Governance;Academic Security Governance;Information security;Information Technology Governance;ISG Model;Higher education
    Date: 2013
    Issue Date: 2014-01-23 13:52:36 (UTC+8)
    Abstract: 由於網路的安全問題層出不窮,學校不僅是受害者,也是加害者,使得資訊安全及資安治理在配合國家政策與整體投入資源有限的狀況下,如何提升學校資訊安全與治理等級,應做通盤了解與因應。
    本研究使用問卷調查方法,針對我國大專校院資安治理成熟度做調查,主要的目的在於評估大專校院各校資安治理成熟度、探討資安治理成熟度相關因素,並提供資安治理成熟度提升模式及其改善之道;發出164份調查問卷,請各校資訊單位主管進行問卷填答,回收153份問卷,回收百分比為93.3%,扣除無效問卷4份,實際回收有效問卷為149份,有效樣本回收百分比為90.9%。
    根據資安治理成熟度計算公式,發現學校資安治理成熟度低者占51%,中者占32.2%,高者占16.8%;使用判別分析確認資安治理成熟度低、中、高是可區別的,有87.2%交叉驗證成熟度低、中、高3組觀察值已正確分類,使用相關分析,發現34個項目與資安治理成熟度有相關顯著,針對相關顯著項目,使用ANOVA,檢定資安治理成熟度低、中、高各等級對各項目均數差異的顯著性,有31個項目具有顯著,確認各項目均數差異後,並以 post hoc 全距檢定和LSD來確認資安治理成熟度由低至中、由低至高及由中至高的項目是否有差異顯著,發現由中至高有2個項目未達顯著外,其餘皆達顯著,而且這些項目皆為資安治理成熟度相關項目。
    為有效提升大專校院資安治理成熟度,尋找成熟度各等級之相同特徵與相關因素,本研究並發展資安治理成熟度概念圖及資安治理成熟度提升模式,含資安治理成熟度低者提升至成熟度中者、成熟度中者提升至成熟度高者的相關項目,並使用統計判別分析、相關分析、變異數分析等找出資安治理成熟度相關因素、顯著項目,從不同構面比較後,找出資安治理成熟度等級容易往上提升的項目,發現各校資安治理面臨的問題,普遍性是業務IT依賴度偏高,而資安治理成熟度偏低,尤其風險管理構面各項目更是偏低,各校可依自己資安治理成熟度現況,找出最容易提升成熟度之項目,達到資安治理成熟度改善的目的。
    This study used a questionnaire survey method, investigating the maturity of information security governance for institutes of higher education in Taiwan. The main objective is to assess the maturity of information security governance for institutes, exploring the factors concerned, providing the model for promoting the maturity of information security governance, and improvement methods. Questionnaires are sent to 164 information unit supervisors in schools, and 153 are returned. The return percentage is 93.3% excluding four invalid ones, and effective questionnaire is 149, the effective sample return percentage is 90.9%.
    According to formula of governance maturity of the information security, it was found that schools with low rate of security governance maturity take up 51%, schools with medium rate 32.2%, high 16.8%; with discriminant analysis, it is confirmed that the governance maturity of the information security can be distinguished in low, medium, and high rate. With 87.2% cross validation, three observation groups of low, medium and high maturity have been classified. With correlation analysis, it is found that 34 items have significant correlation with governance maturity of the information security. With analysis of variance (ANOVA), the least significant difference (LSD) between item average with verification governance maturity of the information security grade of high, medium, and low is checked to find there are 31 items with significant differences. After confirming every item mean significant difference, post hoc range test and ANOVA multiple comparison LSD are used to confirm whether there is significant differences between the items of governance maturity of the information security from low to medium, from low to high and from medium to high. It is found that only two items from medium to high are not significant, the rest are significant, and these items are the related items of governance maturity of the information security.
    This study aims to develop governance maturity of the information security promotion mode, find school security management problems, which are generally about too much IT Reliance, while the governance maturity of the information security is low, especially the items in the risk management aspect the project are quit low. Each school can find the easiest items of the maturity to improve according to their own governance maturity of the information security status, to promote the governance maturity of the information security.
    Appears in Collections:[管理科學學系暨研究所] 學位論文

    Files in This Item:

    File SizeFormat
    index.html0KbHTML66View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.


    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback