Constructing of Information Security Governence Evaluation Indicators-Use a Government Agency As a Case

• Main Authors: Kao,Chen-Yuan, 高振源
• Other Authors: Tsai,Dwen-Ren
• Format: Others
• Language: zh-TW
• Published: 2011
• Online Access: http://ndltd.ncl.edu.tw/handle/34037343370985527329

碩士 === 中國文化大學 === 資訊安全產業研發碩士專班 === 99 === Hacker assault to the government institution has been an on-going event therefore government information security practices remain to face lots of challenges and hidden concerns. Thus the promotion action item for Information Security Governance(ISG) has become one of the main thrusts among important measurements in the implementation for e-government IT security management. This research is predicated on government requests, adopts international standards or guidelines like methodologies (COBIT, ITIL, ISMS) and through expert opinions as well as query survey to locate all factors and weightings that might have impacted Information Security Governance maturity assessment within the Analytic Hierarchy Process(AHP) context. This research will explore the evaluating factors for ISG maturity and performance assessment indices through the five profiling factors: “strategy and budget”, “organization and personnel”, “performance and procedure”, “environment and technology” and “regulation and observance” . In addition, these are used to formulate assessment indices targeting certain official business institutions so as to proceed to IT security service management maturity assessment. From research findings, one can propose ISG maturity quantized assessment model and weighting system suitable to the self-assessment practices conducted at government institutions. And these can also provide references for relevant performance assessment while promoting ISG projects. Keywords: ISG,AHP,Performance Evaluation Indicators