The Study On Evaluation About Information Secoity Managed Capacity Based On D-s Evidence Theory

Along with computer application and electronic commerce, material trade, electron data exchange rapidly expanding and era of knowledge economy arrival, Society'is getting higher and higher to information resource's level of dependency, the information has become the indispensable resources. Therefore, completing the information security supervisory work well for the organization is important to act the function. The organization supervisory work faces the first duty is that it must have the objective evaluation to organization's information security managed capacity, know the organization insider information security overall condition, and know that which aspects are first needed to solve the information security to take the effective action in view of the question, and raise the organization overall information security management level. Therefore, in order to reduce the information security question which brings the loss to the organization and enhances organizes own information security safeguard level, it need to carry on the appraisal to the organization information security managed capacity, then judging where the organization information security question is, achieving "acts appropriately to the situation".To carry on the evaluation scientifically to the information security managed capacity, this paper first introduces the information security management's connotation obtains, summaries the domestic and foreign scholars to the information security management different understandings, and carrys on the analysis to the information security management's characteristics, discusses in the information security management "the technology" and "the management" during two big factor relations; then, according to the information security management model PDRR theory, it has established one information security management model which expands based on PDRR, at the same time, and proposes and analyzes the influence information security managed capacity factor, and constructs the information security managed capacity indicator system; then, the paper utilizes the D-S evidence theory to establish the information security managed capacity evaluation model, and utilize the analytic hierarchy process in the model to carry on the initial weight determination to the target; the paper take the Harbin Engineering University as an example, and it has a certain guiding sense to evaluate this school information security managed capacity and make the macro-scientific policy-making.