The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information

碩士 === 崑山科技大學 === 資訊管理研究所 === 97 === The events of Information Security are increasing. It is a severe problem of Information Security we cannot ignored. The quality of hardware facilities and Information Security managements should be enhanced to reduce the risks of Information Security effectively...

Full description

Bibliographic Details
Main Authors: Jian-Lin Guo, 郭建麟
Other Authors: Kuo-Chun Hsu
Format: Others
Language:zh-TW
Published: 2009
Online Access:http://ndltd.ncl.edu.tw/handle/ajktyc
id ndltd-TW-097KSUT5396016
record_format oai_dc
spelling ndltd-TW-097KSUT53960162019-05-15T20:33:46Z http://ndltd.ncl.edu.tw/handle/ajktyc The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information 探討組織如何落實ISO 27001-以資料外洩衍生危安事件之研究 Jian-Lin Guo 郭建麟 碩士 崑山科技大學 資訊管理研究所 97 The events of Information Security are increasing. It is a severe problem of Information Security we cannot ignored. The quality of hardware facilities and Information Security managements should be enhanced to reduce the risks of Information Security effectively, and we should consider the management of the budget restriction and the Information Security to acquire the biggest benefit. In order to effectively reduce the Information Security risks caused by network, the factors we need to consider are manage policy, behavior and budget. Therefore, we still need to control the damages within an acceptable range. The above is the current major issue we facing in the information security. ISO 27001 is an Information Security Management System (ISMS) standard. This standard prevents damages of Information Security and potential risks. ISO27001 norms as 11 areas, 39 control objectives and 133 controls that increase the implementation difficulties of the organizations. Thus, this study propose to use ISO 27001 standard to analyze many different Information Security cases for some common problems of Information Security. According to the items we explored from many different Information Security cases, we can give some suggestions to strengthen the risk management of Information Security. This study proposed to decrease the risks of Information Security effectively under the limited budget. Kuo-Chun Hsu 徐國鈞 2009 學位論文 ; thesis 155 zh-TW
collection NDLTD
language zh-TW
format Others
sources NDLTD
description 碩士 === 崑山科技大學 === 資訊管理研究所 === 97 === The events of Information Security are increasing. It is a severe problem of Information Security we cannot ignored. The quality of hardware facilities and Information Security managements should be enhanced to reduce the risks of Information Security effectively, and we should consider the management of the budget restriction and the Information Security to acquire the biggest benefit. In order to effectively reduce the Information Security risks caused by network, the factors we need to consider are manage policy, behavior and budget. Therefore, we still need to control the damages within an acceptable range. The above is the current major issue we facing in the information security. ISO 27001 is an Information Security Management System (ISMS) standard. This standard prevents damages of Information Security and potential risks. ISO27001 norms as 11 areas, 39 control objectives and 133 controls that increase the implementation difficulties of the organizations. Thus, this study propose to use ISO 27001 standard to analyze many different Information Security cases for some common problems of Information Security. According to the items we explored from many different Information Security cases, we can give some suggestions to strengthen the risk management of Information Security. This study proposed to decrease the risks of Information Security effectively under the limited budget.
author2 Kuo-Chun Hsu
author_facet Kuo-Chun Hsu
Jian-Lin Guo
郭建麟
author Jian-Lin Guo
郭建麟
spellingShingle Jian-Lin Guo
郭建麟
The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information
author_sort Jian-Lin Guo
title The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information
title_short The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information
title_full The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information
title_fullStr The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information
title_full_unstemmed The implementation of Organization for ISO 27001 - A Case study for information incident derived from divulge personal information
title_sort implementation of organization for iso 27001 - a case study for information incident derived from divulge personal information
publishDate 2009
url http://ndltd.ncl.edu.tw/handle/ajktyc
work_keys_str_mv AT jianlinguo theimplementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation
AT guōjiànlín theimplementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation
AT jianlinguo tàntǎozǔzhīrúhéluòshíiso27001yǐzīliàowàixièyǎnshēngwēiānshìjiànzhīyánjiū
AT guōjiànlín tàntǎozǔzhīrúhéluòshíiso27001yǐzīliàowàixièyǎnshēngwēiānshìjiànzhīyánjiū
AT jianlinguo implementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation
AT guōjiànlín implementationoforganizationforiso27001acasestudyforinformationincidentderivedfromdivulgepersonalinformation
_version_ 1719101012211400704