文化大學機構典藏 CCUR:Item 987654321/49290
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 46962/50828 (92%)
Visitors : 12424159      Online Users : 1074
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/49290


    Title: 基於資通安全管理法適用對象之資安人才培育探討
    The Training of Cybersecurity Talents Based on the Applicable Objects of the Cyber Security Management Law
    Authors: 方耀宇
    Contributors: 資訊管理學系碩士在職專班
    Keywords: 資安訓練
    資通安全管理法
    德菲法
    Date: 2021
    Issue Date: 2021-02-26 09:22:07 (UTC+8)
    Abstract: 資通安全管理法於107年5月三讀通過,自108年1月1日正式施行。本法將公務機關及特定非公務機關之資通安全責任等級,各自賦予不同的應辦事項要求。自施行後已經過2年,欲了解執行資通安全管理法要求所需能力,目前資安人才培訓練課程是否足夠。
    本研究首先探討我國資安相關法規對政府機關的規定與要求,蒐集國內外有關資安人才培育之文獻,分析各制度與標準對資安人才培育之作法,透過專家意見收斂並歸納應辦事項與資安人才培育對應優先順序。研究結果發現,管理面委外廠商資安管理與稽核與評估委外廠商資安專業能力,技術面執行資通系統開發之安全需求設計、測試(含源碼安全管理)等三項是目前訓練課程較為缺乏的,可做為資安人才培訓規劃上的參考依據。
    Cyber Security Management Law was passed the third reading in May 2018, and it was officially implemented on January 1, 2019. This measure assigns different levels of responsibility for information security to public agencies and specific non-public agencies.Two years have passed since its implementation. If you want to understand the capabilities required to implement the requirements of the Information Security Law,whether the current information security personnel training courses are adequate.
    First, discuss the regulations and requirements of Taiwan's information security laws and regulations on government agencies, collect domestic and foreign literature on information security personnel training, analyze the practices of various systems and standards for information security personnel training, and converge through expert opinions and summarize what should be done Matters correspond to the priority order of information security personnel training. The results of the study found that the management of outsourced vendors’ information security management, audit and evaluation of the outsourcing vendors’ information security expertise, and technical implementation of information communication system development, security requirements design and testing (including source code security management) are currently relatively trained The lack of courses can be used as a reference for cyber security personnel training planning.
    Appears in Collections:[Department of Information Management & Graduate Institute of Information Management] Thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML420View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback