南華大學機構典藏系統:Item 987654321/26682
English  |  正體中文  |  简体中文  |  全文笔数/总笔数 : 18278/19583 (93%)
造访人次 : 1039749      在线人数 : 517
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
  • 进阶搜寻


    jsp.display-item.identifier=請使用永久網址來引用或連結此文件: http://nhuir.nhu.edu.tw/handle/987654321/26682


    题名: 基於ISO 27001:2013轉版建置資訊安全管理系統程序探討-以某大學為例
    其它题名: Discussion on Establishing Information Security Management System Based on ISO 27001: 2013 Revolving Edition--Taking a University as an Example
    作者: 蔡伶宜
    TSAI, LING-YI
    貢獻者: 資訊管理學系
    王昌斌
    WANG, CHANG-BIN
    关键词: ISO 27001:2013;轉版;資訊安全管理系統;教育體系資通安全管理規範;教育體系資通安全暨個人資料管理規範
    ISO 27001: 2013;Version of the Converion;Information Security Management System (ISMS);Information Security Management Practices for Education System;Information Security Management and Personal Information Management Practices for Education System
    日期: 2018
    上传时间: 2018-12-21 09:33:29 (UTC+8)
    摘要:   現今資訊科技應用發展快速,如何避免網路應用時重要資訊與個人隱私不會遭到竊取或竄改、如何強化組織的資訊安全以及當資安事件發生時的衝擊損害程度能夠降低,導入資訊安全管理系統即為首要工作。  教育部於105年8月15日提出新版「教育體系資通安全暨個人資料管理規範」,並以此規範為基礎建立驗證機制。本研究以個案研究的角度,從組織在既有資通安全管理規範下為何願意再進行轉版的動機、新舊規範的差異分析、執行資安資產盤點與風險評鑑、制定組織新版資通安全管理規範,到通過第三方驗證,深入探討轉版建置新規範所面臨的困難及解決方法、導入效益以及成功因素,期望能提供給有意轉版資通安全管理規範的組織有個實作參考步驟,能迅速有效的完成新版資通安全管理規範。
      Nowadays, due to the rapid development of information technology, the application of Information Security Management System (ISMS) to the internet usage has become a primary task. With the monitoring of ISMS, we can keep our personal and private information confidential. Otherwise, personal information could be stolen, pirated or tampered. Moreover, ISMS can improve the information security for the organizations, and reduce the damage in the security events.  The Ministry of Education released the new "Information Security Management and Personal Information Management Practices for Education System" in August 15, 2016, and took it as the core of the verification mechanism. This case study aims to investigate the motivation to adopt the new version of ISMS, the differences between the previous and new versions, the execution of the information assets and the risk assessment, the establishment of new ISMS standard and the authentication of the third-party. This study makes further interpretations of the difficulties, solutions, benefits, and the succeeding factors of implementing the new "Information Security Management Practices for Education System". Hopefully, the study can provide the practical suggestions for any organizations willing to adopt the new Information Security Management Practices for Education System".
    显示于类别:[資訊管理學系] 博碩士論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    106NHU00396006-002.pdf2493KbAdobe PDF104检视/开启
    index.html0KbHTML256检视/开启


    在NHUIR中所有的数据项都受到原著作权保护.

    TAIR相关文章

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回馈