政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/100252
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  全文笔数/总笔数 : 114609/145646 (79%)
造访人次 : 53685466      在线人数 : 317
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻


    请使用永久网址来引用或连结此文件: https://nccur.lib.nccu.edu.tw/handle/140.119/100252


    题名: 資訊安全管理理論之探討
    其它题名: A Study of Theory for Information Security Management
    作者: 洪國興;趙榮耀
    Hong, Kwo-Shing;Chao, Louis R.
    关键词: 資訊安全;安全政策理論;風險管理理論;控制與稽核理論;整合系統理論
    Information Security;Information Policy Theory;Risk Management Theory;Control and Auditing Theory;Integrated System Theory
    日期: 2003-06
    上传时间: 2016-08-16 15:16:21 (UTC+8)
    摘要: 由於資訊科技的快速進步,組織對資訊科技的依賴日深,尤其網際網路所建構的電子商務時代,組織之資訊系統的使用者,已由組織內部的人員,擴大到組織外部任何不特定的個人,使得組織的資訊安全面臨空前的挑戰,因此,資訊安全的管理與技術,亦受到研究者與實務界普遍的重視,然而「資訊安全管理」尚缺乏一貫的理論架構。本文試圖經由資訊安全管理文獻的探討與實務面的觀察,就當今組織資訊安全管理的現象歸納為:安全政策理論、風險管理理論、控制與稽核理論、管理系統理論、及權變理論等,再就這些理論衍生整合成為另一新的資訊安全管理理論,亦即建構為資訊安全管理之「整合系統理論」。資訊安全管理理論的提出將有助於後續的研究者與實務界人士,藉以了解資訊安全管理的現象,解釋資訊安全管理策略,及預測投入資訊安全管理策略與方法,預期可能的結果,並對後續的研究提供研究方向與理論基礎。
    With the rapid advancement of information technology, organizations put dependence on it more than ever. Especially in the era of electronic commerce, users of a certain organization`s Internet system broaden from members inside to unknown individuals outside. Many organizations are facing unprecedented security challenges. Therefore, information security techniques and management tools have caught a lot of attention from both academia and practitioners. However, there is lacking a theoretical framework for information security management. This paper, through literature review and practical observations, attempts to summarize and integrate five existing theories: security policy theory, risk management theory, control and auditing theory, management system theory and contingency theory to build a comprehensive theory of information security management (ISM). It suggests that an Integrated System Theory (IST) is useful for understanding information security management, explaining information security management strategies, and predicting possible outcomes while applying those strategies. This theory may lay a solid theoretical foundation for further empirical researches and applications.
    關聯: 資管評論, 12, 17-47
    MIS review
    数据类型: article
    显示于类别:[MIS review(資管評論)] 期刊論文

    文件中的档案:

    档案 描述 大小格式浏览次数
    12-17-47.pdf1634KbAdobe PDF2453检视/开启


    在政大典藏中所有的数据项都受到原著作权保护.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回馈