| As e-business develops continuously, information security has shown greater and greater significance. To avoid severe security disclosure issues, our country has made more exquisite and enforceable laws to guarantee a steady development of information system management. It has become a consequential tend and requirement that a serie of rules that include scaled-protection of information system security and scaled-protection of security document management should be codified and carried out.The goal of these kinds of management is to be qualified as information security management on the one hand, and to come up with a most ideal solution of security management inspite of all the disadvantages such as size of the project, time and short budget, etc.. Based on the various situations and all kinds of problems encountered though out several years of experience in the field of the information security management, the author suggests the introduction of a computerized management system based on an effective and complianced platform, that uses a variety of issues that had appeared during actual working process, to achieve the total management of the information security projects. The introduction of such a system would also ensure following to standardize and structure team members’working process:Mentoring of all teams’members’projects execution; Monitoring of the projects; Unification of Security, Safety Strategy, Audit and Risk management processes.This thesis consists of 4 parts. Part One states the background of choosing this topic and describes the current situation in the field of information security in our country to introduce the concept of complianced project management; Also in this part based on the researched materials, is formed the literature review. The concept of the compliance project management is briefed by combining the theory and the practice. At the end of this part is the description of the structure of this paper and its content. Part Two analyzes the features of a complianced project management, and introduces the concept of computerized management. Based on the previous parts further analyses this new management concept, and suggests management concept that combines Security, Safety Strategy, Audit and Risk management functions and could satisfy the requirements of a complianced computerized management concept. Part Three, made a detailed feasibility anlysis of the management implementing the computer model in the aspect of compliance of the information security project considering such factors as the size of the project, time and budget. Part Four, folds a case of information system classified protection and compliance project, and shows the proof of the feasibility and efficiency suggested concept. |
PDF Full Text Request