A Study of Information Security Governance- A Case Study of Government Sectors

• Main Authors: Szu-Ching Wu, 吳偲箐
• Other Authors: Ming-Dar Hwang
• Format: Others
• Language: zh-TW
• Published: 2008
• Online Access: http://ndltd.ncl.edu.tw/handle/79825813403370916356

碩士 === 淡江大學 === 資訊管理學系碩士班 === 96 === According to the report of RDEC (Research, Development and Evaluation Commission, Executive Yuan), more than 90% government sectors indicate that there are three imperative difficulties awaited being overcome, including the abilities of information security, a lack of related experiences and dedicated personnel. Therefore, the government starts to contemplate the problems and expects the officer of each government sector could pay close attention and join more security-related activities through adopting Information Security Governance Mechanism. Hence, STAG (Science and Technology Advisory Group of Executive Yuan) proposed a research plan developing Information Security Governance Mechanism which fits government sectors of our country. The author of this study is one of the members of the research plan. This research plan develops an Information Security Governance Maturity Assessment Tool in addition to government sectors’ Information Security Governance Mechanism. Through multiple case studies and in-depth interview, we discuss three government sectors’ ISG Maturity and real conditions of information security, and further, propose potential difficulties. The research indicates three government organizations’ ISG maturity and real security conditions, recommend execution steps and proposes the difficulties of human resources and budget.