查詢結果分析
來源資料
頁籤選單縮合
題名 | 以資本計提額為基礎之資訊服務風險評估方法 |
---|---|
作者姓名(中文) | 梁錫卿; 李延浚; 黃沁慧; 陳榮靜; | 書刊名 | 資訊科技國際期刊 |
卷期 | 6:1 2012.06[民101.06] |
頁次 | 頁46-53 |
分類號 | 494.75 |
關鍵詞 | 資訊管理; 風險管理; 資本計提額; 資本適足率; IT management; Risk management; Basle capital accord; Capital ratio; |
語文 | 中文(Chinese) |
中文摘要 | 「風險」一詞存在有許久的時間,在國內因嚴重急性呼吸道症候群(The severe acute respiratory syndrome, SARS)的發生,更激起了大家對資訊管理風險的關注度。本研究認為在傳統的風險管理中,多半著重在資產價值、外在威脅、內在弱點的評量是不足以正確的評估風險之嚴重度。故將傳統的風險評估方法,加入資本計提額為新增之考量因子,經過多層級分析法與順序相關檢定的結合,驗證企業在進行資訊管理風險評估時缺乏資本計提額的概念。並取得下列結論,其一,缺乏資本計提額的概念進而導致風險評鑑結果之認知誤差,其二,企業內部資訊同仁與資訊主管對資訊管理風險無顯著差異,其三,資訊風險管理顧問與企業內部資訊同仁對資訊管理風險有顯著差異,其四,資訊風險管理顧問與資訊主管對資訊管理風險有顯著差異。 |
英文摘要 | Traditional risk management, mostly focused on asset values, external threats and inner weaknesses of the assessment which is not sufficient for properly assess the severity of the risk. In this paper, we add the consideration of the amount of capital charge factors for risk management. In addition, multi-level analysis and sequence correlation test are used to verify enterprises information management at the lack of the concept of risk assessment of the amount of capital charge. The results indicate that (1) the concept of lack of the amount of capital charge of risk assessment results leads to cognitive errors; (2) Internal IT colleagues and manager have not significant difference in information risk management; (3) Information risk management consultant and Internal IT colleagues exist a significant differences in information risk management; (4) Information risk management consultant and Information manager have significant differences in information risk management. |
本系統之摘要資訊系依該期刊論文摘要之資訊為主。