Study On Information Security Of C Company

Information security is one of the basic protections for business units. In the 21st century, as China joined the WTO, increasing the degree of internationalization, more and more foreign multinational companies have entered China. Since the domestic and international aspects of the cultural differences and the different environment, there's a big challenge for every multinational company to conduct business in China while making enterprise information security as the first priority task.This paper analyzes the information security management status of company C, though the company's information security system has been deployed within the headquarters in US, the China branches encountered many new problems during the deployment. How to build a security system for localized information becomes a problem of the company C. In this context, according to the introduction of information security management theory and best practices, it describes how these theoretical methods applied to the C Company headquarters in China. Throughout the system, I raised double original information security systems, namely: information security management system and common information technology security system. This is an attempt to manage integration into the technology, put forward in information security technology system at the same time, the introduction of information security management system, so well is that from the traditional information security system in the sense of isolation faced by the enterprise, better access to management support and participation. Only in this way information security within the enterprise will be bear fruit.This paper focuses on enterprise information security dual systems which's implemented by AP 2 OC as a guideline, the main body of the paper is divided into five levels, follow the questions, analyze and solve problems of the logical framework, from concept to concrete, to the general, gradual in-depth, step by step to start on. At the same time for each system involved in all aspects of the system described in simple terms. To solve the various problems in the process, the introduction of maturity model, each solution to the problem is divided into six levels, in order to find in the course of the current position and areas for improvement, until finally achieve the ultimate goal.Finally, the release results illustrate information security system's advantage and inadequacies in practice, I also raised several recommendations to improve it contiously.