查詢結果分析
來源資料
頁籤選單縮合
題 名 | 資訊系統建置控制之風險管理探討 |
---|---|
作 者 | 洪長宏; | 書刊名 | 電腦稽核 |
卷 期 | 25 2012.01[民101.01] |
頁 次 | 頁148-155 |
分類號 | 312.76 |
關鍵詞 | 資訊系統建置; 資訊風險管理; 電腦稽核風險; |
語 文 | 中文(Chinese) |
中文摘要 | 電腦稽核的目的主要在於降低資訊相關風險,同時也希望進一步增加資訊的價值。資訊系統在不同的階段會有不同的風險面向。在資訊系統建置時,其面對的是資訊系統是否可如願(如需求、時程、成本)建立的風險,在營運階段則是是否可滿足資訊服務等級之風險。此篇文章主要是在探討資訊系統建置時的風險管理。本文以一個案例來探討資訊系統建置時整體風險管理的進行,包括:風險分析(風險事件辨識、風險評估)、風險回應規劃及風險監控。最後,以電腦稽核者對風險的經驗,來檢視此風險管理是否完整,期能讓風險管理以最少的成本達到最大的效益。 |
英文摘要 | The objective of the information system audit is to reduce the risks, but also hope to further increase the value of information. Information systems in different stages have different risk dimensions. In the information system development phase, its face is the risk of information systems establishment, during the operational phase is the risk of meet the information service level. This article is to investigate the risk when the information system development management. In this paper, a case when the information system development to explore the overall risk management, including: risk analysis (risk event identification, risk assessment), risk response planning and risk controls. Finally, the risk of computer audit experience were to examine the risk management is complete, make risk management of the least cost to achieve the maximum benefits. |
本系統中英文摘要資訊取自各篇刊載內容。