The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information
碩士 === 崑山科技大學 === 資訊管理研究所 === 97 === The events of Information Security are increasing. It is a severe problem of Information Security we cannot ignored. The quality of hardware facilities and Information Security managements should be enhanced to reduce the risks of Information Security effectively...
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Others |
Language: | zh-TW |
Published: |
2009
|
Online Access: | http://ndltd.ncl.edu.tw/handle/ajktyc |
id |
ndltd-TW-097KSUT5396016 |
---|---|
record_format |
oai_dc |
spelling |
ndltd-TW-097KSUT53960162019-05-15T20:33:46Z http://ndltd.ncl.edu.tw/handle/ajktyc The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information 探討組織如何落實ISO 27001-以資料外洩衍生危安事件之研究 Jian-Lin Guo 郭建麟 碩士 崑山科技大學 資訊管理研究所 97 The events of Information Security are increasing. It is a severe problem of Information Security we cannot ignored. The quality of hardware facilities and Information Security managements should be enhanced to reduce the risks of Information Security effectively, and we should consider the management of the budget restriction and the Information Security to acquire the biggest benefit. In order to effectively reduce the Information Security risks caused by network, the factors we need to consider are manage policy, behavior and budget. Therefore, we still need to control the damages within an acceptable range. The above is the current major issue we facing in the information security. ISO 27001 is an Information Security Management System (ISMS) standard. This standard prevents damages of Information Security and potential risks. ISO27001 norms as 11 areas, 39 control objectives and 133 controls that increase the implementation difficulties of the organizations. Thus, this study propose to use ISO 27001 standard to analyze many different Information Security cases for some common problems of Information Security. According to the items we explored from many different Information Security cases, we can give some suggestions to strengthen the risk management of Information Security. This study proposed to decrease the risks of Information Security effectively under the limited budget. Kuo-Chun Hsu 徐國鈞 2009 學位論文 ; thesis 155 zh-TW |
collection |
NDLTD |
language |
zh-TW |
format |
Others
|
sources |
NDLTD |
description |
碩士 === 崑山科技大學 === 資訊管理研究所 === 97 === The events of Information Security are increasing. It is a severe problem of Information Security we cannot ignored. The quality of hardware facilities and Information Security managements should be enhanced to reduce the risks of Information Security effectively, and we should consider the management of the budget restriction and the Information Security to acquire the biggest benefit. In order to effectively reduce the Information Security risks caused by network, the factors we need to consider are manage policy, behavior and budget. Therefore, we still need to control the damages within an acceptable range. The above is the current major issue we facing in the information security.
ISO 27001 is an Information Security Management System (ISMS) standard. This standard prevents damages of Information Security and potential risks. ISO27001 norms as 11 areas, 39 control objectives and 133 controls that increase the implementation difficulties of the organizations. Thus, this study propose to use ISO 27001 standard to analyze many different Information Security cases for some common problems of Information Security. According to the items we explored from many different Information Security cases, we can give some suggestions to strengthen the risk management of Information Security. This study proposed to decrease the risks of Information Security effectively under the limited budget.
|
author2 |
Kuo-Chun Hsu |
author_facet |
Kuo-Chun Hsu Jian-Lin Guo 郭建麟 |
author |
Jian-Lin Guo 郭建麟 |
spellingShingle |
Jian-Lin Guo 郭建麟 The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information |
author_sort |
Jian-Lin Guo |
title |
The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information |
title_short |
The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information |
title_full |
The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information |
title_fullStr |
The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information |
title_full_unstemmed |
The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information |
title_sort |
implementation of organization for iso 27001 - a case study for information incident derived from divulge personal information |
publishDate |
2009 |
url |
http://ndltd.ncl.edu.tw/handle/ajktyc |
work_keys_str_mv |
AT jianlinguo theimplementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation AT guōjiànlín theimplementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation AT jianlinguo tàntǎozǔzhīrúhéluòshíiso27001yǐzīliàowàixièyǎnshēngwēiānshìjiànzhīyánjiū AT guōjiànlín tàntǎozǔzhīrúhéluòshíiso27001yǐzīliàowàixièyǎnshēngwēiānshìjiànzhīyánjiū AT jianlinguo implementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation AT guōjiànlín implementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation |
_version_ |
1719101012211400704 |