查詢結果分析
來源資料
頁籤選單縮合
題 名 | 影響資訊安全關鍵因素之研究=A Study of Key Success Factors Affecting Information Security |
---|---|
作 者 | 洪國興; 季延平; 趙榮耀; | 書刊名 | 資訊管理研究. 南華大學 |
卷 期 | 6 民95.07 |
頁 次 | 頁1-29 |
分類號 | 312.76 |
關鍵詞 | 資訊安全; 資訊安全管理理論; 整合性系統理論; 影響資訊安全因素; 關鍵因素; Information security; Information security management theory; Integrated system theory; Factors affecting information security; Key factors; |
語 文 | 中文(Chinese) |
中文摘要 | 由於資訊安全事故層出不窮,使得組織開始察覺到資訊安全可能危及企業的生存,因此,資訊安全普遍的受到重視。資訊安全產品與技術也被廣泛的討論,常被視為解決資訊安全問題的唯一辦法,而欠缺整合的對策與貫通的管理機制。欲解決資訊安全問題,學者分別從資訊安全政策(Information Security Policy)、風險管理(Risk Management)、內部控制(Internal Control)或資訊稽核(Information Auditing)等不同觀點,提出各種理論。本研究以資訊安全「整合系統理論」(Integrated System Theory)為基礎,提出「影響資訊安全因素架構」,經由因素分析,萃取八個因素構面,修正後,建構為組織「影響資訊安全關鍵因素架構」,作為組織規範資訊安全解決方案的參考。本研究也是繼ISO/IEC 17799公布後,就影響資訊安全關鍵因素進行實証研究的開端,相信有助於資訊安全管理之實証研究跨出重要的一步,也可作為後續相關研究的參考。 |
英文摘要 | Since various accidents of Information Security emerge in an endless stream, organizations are gradually aware that Information Security may threaten the existence of enterprises. Information Security is therefore gaining growing attention universally. Products and technologies of Information Security are widely discussed and usually regarded as the only solution to information security problems, but lack of integrated strategies and comprehensive management mechanisms. To solve information security problems, scholars reached different theory in light of Information Security Policy, Risk Management, Internal Control or Information auditing. Basing on the Information Security “Integrated System Theory”, this Study integrated different views and moreover forms the “Architecture of Factors Affecting Information Security”. It extracts eight constructs through factor analysis and after amending, models the “Architecture of Key Factors Affecting Information Security of an Organization”. It offers a reference for the organization to standardize the resolutions of Information Security. The Study is also an inception to conduct empirical research on key factors affecting Information Security after the announcement “ISO/IEC 17799. It is believed to be an important barometer of the empirical study for information Security Management, and will be the reference for related studies later on. |
本系統中英文摘要資訊取自各篇刊載內容。