南華大學機構典藏系統:Item 987654321/26682
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 18278/19583 (93%)
Visitors : 913420      Online Users : 206
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://nhuir.nhu.edu.tw/handle/987654321/26682


    Title: 基於ISO 27001:2013轉版建置資訊安全管理系統程序探討-以某大學為例
    Other Titles: Discussion on Establishing Information Security Management System Based on ISO 27001: 2013 Revolving Edition--Taking a University as an Example
    Authors: 蔡伶宜
    TSAI, LING-YI
    Contributors: 資訊管理學系
    王昌斌
    WANG, CHANG-BIN
    Keywords: ISO 27001:2013;轉版;資訊安全管理系統;教育體系資通安全管理規範;教育體系資通安全暨個人資料管理規範
    ISO 27001: 2013;Version of the Converion;Information Security Management System (ISMS);Information Security Management Practices for Education System;Information Security Management and Personal Information Management Practices for Education System
    Date: 2018
    Issue Date: 2018-12-21 09:33:29 (UTC+8)
    Abstract:   現今資訊科技應用發展快速,如何避免網路應用時重要資訊與個人隱私不會遭到竊取或竄改、如何強化組織的資訊安全以及當資安事件發生時的衝擊損害程度能夠降低,導入資訊安全管理系統即為首要工作。  教育部於105年8月15日提出新版「教育體系資通安全暨個人資料管理規範」,並以此規範為基礎建立驗證機制。本研究以個案研究的角度,從組織在既有資通安全管理規範下為何願意再進行轉版的動機、新舊規範的差異分析、執行資安資產盤點與風險評鑑、制定組織新版資通安全管理規範,到通過第三方驗證,深入探討轉版建置新規範所面臨的困難及解決方法、導入效益以及成功因素,期望能提供給有意轉版資通安全管理規範的組織有個實作參考步驟,能迅速有效的完成新版資通安全管理規範。
      Nowadays, due to the rapid development of information technology, the application of Information Security Management System (ISMS) to the internet usage has become a primary task. With the monitoring of ISMS, we can keep our personal and private information confidential. Otherwise, personal information could be stolen, pirated or tampered. Moreover, ISMS can improve the information security for the organizations, and reduce the damage in the security events.  The Ministry of Education released the new "Information Security Management and Personal Information Management Practices for Education System" in August 15, 2016, and took it as the core of the verification mechanism. This case study aims to investigate the motivation to adopt the new version of ISMS, the differences between the previous and new versions, the execution of the information assets and the risk assessment, the establishment of new ISMS standard and the authentication of the third-party. This study makes further interpretations of the difficulties, solutions, benefits, and the succeeding factors of implementing the new "Information Security Management Practices for Education System". Hopefully, the study can provide the practical suggestions for any organizations willing to adopt the new Information Security Management Practices for Education System".
    Appears in Collections:[Department of Information Management] Disserations and Theses

    Files in This Item:

    File Description SizeFormat
    106NHU00396006-002.pdf2493KbAdobe PDF102View/Open
    index.html0KbHTML252View/Open


    All items in NHUIR are protected by copyright, with all rights reserved.


    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback