Assessment of Information Security Influencing Factors

• Main Authors: Chen, Chun-Wei, 陳俊瑋
• Other Authors: Chih-li Hung
• Format: Others
• Language: zh-TW
• Published: 2016
• Online Access: http://ndltd.ncl.edu.tw/handle/hj6jpt

碩士 === 中原大學 === 資訊管理研究所 === 104 === In recent years, advances in Internet so that people rely on computers increasing influence is also growing, and companies face global competition under the information technology and electronics progress and development, and further the development of e-policy and security policy needed to respond to information security threats. So many organizations have been planning to import information security systems, but large-scale import of funds, so that enterprises in importing do not know the door into the room, or waste a lot of resources on the import, the study will focus on the country through ISO 27001 certification enterprise, the expert questionnaire distributed to businesses, hoping to use AHP level analysis to identify the factors critical to success of ISO 27001. In this study, the experts issued questionnaire method, for all enterprises at all levels of the heavy weight carried feedback information respondents had to identify critical success factors for introducing ISO 27001 re-use AHP AHP, research results, mostly for high-end subjective identity within the enterprise ISO 27001 is the first key to import critical success factors, and with the participation of all employees working in the enterprise is more important critical success factors indicators; advocacy and promotion of IT security policies also have a higher impact on the ranking. The nature of the telecommunications services company, has relied on a relatively good operational goals of information security policy, so the difference in the company compared with the nature of the semiconductor industry, the data would be more intense, and the nature of the semiconductor industry companies will pay more attention to the institutional side , rationality and applicability of the project a key factor in the design of the system will be stronger than information security policy in line with operational objectives, analyzed in this study and the results from the data in order to provide the experience of not introducing ISO 27001 organization Share directions and recommendations. Finally, according to the results of this study were discussed, and the follow-up study suggests.