| In China, thousands of research institutes in various fields comprise the technicalfoundation of Chinese Military industry, working on the frontier of IT research and itsapplications. The development and wide use of these IT technologies plays an importantpart in propelling the informization construction of this industry. At the same time ofusing information technology for informization, these institutes have already paidattention to the importance of information security since early days. However, theprimitive information security system relies too much on the information securityequipment or devices, instead of a comprehensive and sustainable set of managementsystem, so with the development of new technology, these information security systemsare facing more and more challenging situations, leading to increasing information andsecret leakage, causing a lot of damage to our country and the national defense. In orderto meet our national information security requirements and keep pace with theinternational standard, institutes must strictly check and find the flaws lies in theirpresent information security system, to improve them both technically andadministratively to reconstruct a more reliable and comprehensive information securitymanagement system.In this essay, China’s DCSS information security system and its security accidentsare taken as an example for study. First, analysis and compare is carried out to evaluatethe present situation of the information security system, then, references to domesticand international standards are made withthe considerationof institution’s own features;finally, a new achievable and suitable Institute Information Security ManagementSystem (ISMS) for the institute is established and implemented.The study of this essay is composed of five parts:Part one: OverviewThis part illustrates the background and significance of writing this essay, describesthe importance and necessaries of this study, and introduces the research and studymethod.Part two: Introduction of China’s DCSS research institute and taking its problems lies in information management as an example for the essay.Part three: Present situation and analysis of information security management inChina’s DCSS institute. It is illustrated in two management aspects, which are technicalmanagement and administrative management. This part paves the way for the followingchapter, which gives comparison with ISO27000and brings up new improvingsolutions for ISMS.Part four: Comparison between China’s DCSS information security managementand ISO27000requirements. This part is the most important part of this essay, itemphasis on analyzing problems lies in the present system and compares them withinternational standard, giving a solution and implementation to establish acomprehensive ISMS.Part five: This part gives standard suggestions for other institutions to establishISMS of their own, which is of great significance. |
PDF Full Text Request