摘要: | 本研究是在討論資訊安全風險管理有哪些方法可以執行使用何種方法可以方便有效的做資訊安全風險管理。
本研究是透過專家問卷的方式,以ISO27001的11個項目做為釐清資訊安全風險的分析,如果資訊安全風險管控的好的話就能許多的威脅及麻煩也能夠讓大家輕鬆做事。
用本研究在某銀行的專案中用標準來做規範的設限,能夠明訂出哪些是資訊安全的風險,予以處理或轉嫁,使大家都有一定的方向,就能避免許多的問題產生。
In this study, in the discussion of information security risk management, which can perform information security risk management can be easily and effectively do what methods.
This study as ISO27001 11 projects through expert questionnaires to clarify the in-formation security risk analysis, information security risk management and control is good quite a few threats and trouble so that everyone can easily do things.
Do this research project in a bank in the standard specification limits can express out what is the risk of information security to be dealt with or passed on, so we have a certain direction, you can avoid many problems. |