A Study of Information System Security Management Based on BS7799 Framework in Life Assurance Industry

碩士 === 中原大學 === 資訊管理研究所 === 93 === Base on IDC research reports , Asia Pacific Zone of enterprise are facing to think highly of Information Security. Even though reduce IT buget , but using in security solution cost is to grow up. Information Security market is base on security industry. The governm...

Full description

Bibliographic Details
Main Authors: Hsin-Ju Chen, 陳鑫如
Other Authors: PI, SHIH MING
Format: Others
Language:zh-TW
Published: 2005
Online Access:http://ndltd.ncl.edu.tw/handle/79004333452680417720
Description
Summary:碩士 === 中原大學 === 資訊管理研究所 === 93 === Base on IDC research reports , Asia Pacific Zone of enterprise are facing to think highly of Information Security. Even though reduce IT buget , but using in security solution cost is to grow up. Information Security market is base on security industry. The government and enterprise are accept that information security concept. The latest MIC research report to expect , internal information security market scope will group from 73.2 hundred million to 146.6 hundred million , group up rate is to reach 26.2%. In accordance with continuous information security incident , information security is really obtain enterprise to respect. For this reason , we must have security management control to apply in enterprise , to raise respect and alertness for enterprise internal people. Life Assurance Industry especially respect to information security , customer privacy information is an enterprise assets. In fact , information security incident always happen. In the past , a lot of document is focus on banking , is more than life assurance industry. The study is base on BS7799 to understand current information security management in life assurance、the hard to implement and focus on people、management、policy to effect information security management. Via interview to analyze control object difference between big business and small business. The study to show: 1. Big business on security policy、security organization、physical and environment management、communication and operation management and compliance is better than small business. 2. Small business on assets control is better than big business. 3. Big business is fullness than small business base on BS779 10 control domains. 4. Small business on people、policy、technical and wealth is restrictions on information security management. 5. No matter , management level will be focus on information security management. 6. Small business on focus information assets control. Key Word : Life Assurance、Information Security、Information Security Management System(ISMS)