| Now we are all living in the information era and more and more business activities ofenterprises are depending on the information resources and information networks.However, it can also bring great potential security risks to enterprises. So it has become thefocus of global business issue how enterprise information security system can reduce andeliminate risks to achieve business objectives of information security. And informationsecurity management has become an integrated engineering and emerging research subject.A Company is primarily engaged in the business of software outsourcing in Japan’sfinancial industry. Its security is not only related to important Japanese client confidentialinformation but also to the healthy development of the enterprise. Therefore, the urgentproblem needs to be resolved in the A Company that is how to improve the level ofenterprise information security management and build an information security system.From analysis of the external environment, and the background of the enterprisesfacing the information security requirements, this study points out the necessity andimportance of information security construction. Considering the research object in thesystem, we use risk assessment to research and analyze information security status of thecompany and the main problems in the safety construction. Regarding information securitymanagement theory as the instruction, we draw on foreign experience in buildingenterprise information security and build up the overall architecture. And according to theinformation security management standards and internationally recognized security model,we have carry out the detailed study about the three key aspects: policy system,organizational system, management system for the construction of the content. Meanwhile,we have made the concrete strategy and process of information security system, and havegiven the advice and concrete implementation plan about the key elements in theconstruction of security system: technology system construction and management methods.Finally, we have analyzed the practicality of the system, operability, and effectiveness ofenterprise information security realization.As a member of the A Company, this study is committed to objectives of information security and the future development needs, and it would be proved to be of greatdemonstration and reference value for other large-scale Japanese outsourcing enterprise inthe field of software outsourcing to Japan and cross-cultural environment. |
PDF Full Text Request