文化大學機構典藏 CCUR:Item 987654321/20283
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 47249/51115 (92%)
Visitors : 14244641      Online Users : 600
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/20283


    Title: 建構資安治理成熟度評估指標之研究-以某政府機關為例
    Authors: 高振源
    Contributors: 資訊安全產業研發碩士專班
    Keywords: 資安治理
    分析層級程序法
    績效評估指標
    Date: 2010
    Issue Date: 2011-11-07 15:23:03 (UTC+8)
    Abstract: 駭客對政府機關的攻擊從不間斷,政府的資訊安全工作仍存在著許多的挑戰與隱憂,推動資安治理行動方案已成為落實電子化政府資安管理重要措施工作的主軸之一。本研究是以政府要求為前題,國際規範或指導原則(COBIT、ITIL、ISMS)為方法,藉由專家意見與問卷找出分析層級程序法(AHP)架構中,所有可能影響資安治理成熟度評估之因素與權重。
    本研究由「策略與預算」、「組織與人員」、「績效與程序」、「環境與技術」、「法規與遵循」5個構面來探討資安治理成熟度的衡量要素與績效評估指標,並以擬訂之評估指標對某公務機關進行資安服務管理成熟度評估。研究結果提出了適合於政府機關自我評估之資安治理成熟度量化評鑑模型與權重體系,將可提供推動資安治理行動方案時相關績效評估的參考依據。

    Hacker assault to the government institution has been an on-going event therefore government information security practices remain to face lots of challenges and hidden concerns. Thus the promotion action item for Information Security Governance(ISG) has become one of the main thrusts among important measurements in the implementation for e-government IT security management. This research is predicated on government requests, adopts international standards or guidelines like methodologies (COBIT, ITIL, ISMS) and through expert opinions as well as query survey to locate all factors and weightings that might have impacted Information Security Governance maturity assessment within the Analytic Hierarchy Process(AHP) context.
    This research will explore the evaluating factors for ISG maturity and performance assessment indices through the five profiling factors: “strategy and budget”, “organization and personnel”, “performance and procedure”, “environment and technology” and “regulation and observance” . In addition, these are used to formulate assessment indices targeting certain official business institutions so as to proceed to IT security service management maturity assessment. From research findings, one can propose ISG maturity quantized assessment model and weighting system suitable to the self-assessment practices conducted at government institutions. And these can also provide references for relevant performance assessment while promoting ISG projects.
    Appears in Collections:[Department of Computer Science and Information Engineering] thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML694View/Open


    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback