Organization Information Security Policy from the Perspective of Risk Management Theory
碩士 === 國防大學 === 戰略研究所 === 98 === Abstract This study is discussing information security policy from the perspective of risk management in three different organizations: government, private institute/enterprise cooperation and education institutions. Particularly in the rapid development of Internet...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | zh-TW |
| Published: |
2010
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/15305562405525699332 |
| id |
ndltd-TW-098NDU00322016 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-TW-098NDU003220162016-04-27T04:12:16Z http://ndltd.ncl.edu.tw/handle/15305562405525699332 Organization Information Security Policy from the Perspective of Risk Management Theory 由風險管理理論探討組織之資訊安全作為 Chou,Chien-chih 周建志 碩士 國防大學 戰略研究所 98 Abstract This study is discussing information security policy from the perspective of risk management in three different organizations: government, private institute/enterprise cooperation and education institutions. Particularly in the rapid development of Internet technology has become increasingly rampant and malicious attacks on today. The risk management can clarify that the different organizations use different way to protect their own information system with different security policy. Also they can get rid of the myth of information security protection goal. Each organization has his own information security targets. Through risk management ,when each unit executed his own information security policy, you can find that the risk management analysis may provide the unit to carry on the value judgment standard to each unit. Different unit will make a decision with his own standard. Also this analysis can provide risk value to organizations through the risk-judgment, to take units’ different risk strategies. By way to the different organization information security's risk management analysis, may provide the researcher to carry on to the information security contemplation. And the researcher can get the reference when he engages any project or planning goal. According to risk management analysis points out that the information security work is impossible to achieve "zero risk" situation. Through this study found that, despite the different organizations face different IT security challenges, only all of the organization, the staff from top to bottom, work together , and have the same information security understanding. The unit can develop the best information security risk management strategy. Key Word: Information Security, Risk Management, Government Agency, Enterprise, Education System Chen Ping Hsueng 陳炳炫 2010 學位論文 ; thesis 185 zh-TW |
| collection |
NDLTD |
| language |
zh-TW |
| format |
Others
|
| sources |
NDLTD |
| description |
碩士 === 國防大學 === 戰略研究所 === 98 === Abstract
This study is discussing information security policy from the perspective of
risk management in three different organizations: government, private
institute/enterprise cooperation and education institutions. Particularly in the rapid
development of Internet technology has become increasingly rampant and
malicious attacks on today. The risk management can clarify that the different
organizations use different way to protect their own information system with
different security policy. Also they can get rid of the myth of information security
protection goal.
Each organization has his own information security targets. Through risk
management ,when each unit executed his own information security policy, you
can find that the risk management analysis may provide the unit to carry on the
value judgment standard to each unit. Different unit will make a decision with his
own standard. Also this analysis can provide risk value to organizations through
the risk-judgment, to take units’ different risk strategies. By way to the different
organization information security's risk management analysis, may provide the
researcher to carry on to the information security contemplation. And the
researcher can get the reference when he engages any project or planning goal.
According to risk management analysis points out that the information
security work is impossible to achieve "zero risk" situation. Through this study
found that, despite the different organizations face different IT security challenges,
only all of the organization, the staff from top to bottom, work together , and have
the same information security understanding. The unit can develop the best
information security risk management strategy.
Key Word: Information Security, Risk Management, Government Agency,
Enterprise, Education System
|
| author2 |
Chen Ping Hsueng |
| author_facet |
Chen Ping Hsueng Chou,Chien-chih 周建志 |
| author |
Chou,Chien-chih 周建志 |
| spellingShingle |
Chou,Chien-chih 周建志 Organization Information Security Policy from the Perspective of Risk Management Theory |
| author_sort |
Chou,Chien-chih |
| title |
Organization Information Security Policy from the Perspective of Risk Management Theory |
| title_short |
Organization Information Security Policy from the Perspective of Risk Management Theory |
| title_full |
Organization Information Security Policy from the Perspective of Risk Management Theory |
| title_fullStr |
Organization Information Security Policy from the Perspective of Risk Management Theory |
| title_full_unstemmed |
Organization Information Security Policy from the Perspective of Risk Management Theory |
| title_sort |
organization information security policy from the perspective of risk management theory |
| publishDate |
2010 |
| url |
http://ndltd.ncl.edu.tw/handle/15305562405525699332 |
| work_keys_str_mv |
AT chouchienchih organizationinformationsecuritypolicyfromtheperspectiveofriskmanagementtheory AT zhōujiànzhì organizationinformationsecuritypolicyfromtheperspectiveofriskmanagementtheory AT chouchienchih yóufēngxiǎnguǎnlǐlǐlùntàntǎozǔzhīzhīzīxùnānquánzuòwèi AT zhōujiànzhì yóufēngxiǎnguǎnlǐlǐlùntàntǎozǔzhīzhīzīxùnānquánzuòwèi |
| _version_ |
1718250358715711488 |