The Research And Design Of Risk Assessment Of Information Security Based On BS7799

With the development of informationlization, information security is increasingly important, causing the extensive attention. Risk Assessment occupies the key fundamental position in the construction of information security.At first, this dissertation introduces goal and research progress of risk assess, explains the basic conception and theory in risk management and risk assessment of the information security, and analyses BS7799 standard; Then the characteristic of the existing risk models and the assessment methods is summarized, the risk cycle model of information security, the depth risk management model of information security, the fuzzy risk assess method and the comprehensive risk assess method based on BS7799 standard are put forward; Afterwards, on the foundations of these achievements, a software for risk assessment based on BS7799 standard is developed regard the theory of OOP as guidelines. The risk database is also established. These research results have already been applied to practice, and developed the information security of our country.