| The concept of information security, itself includes a wide range. From the country’smilitary, political, economic policy and security, to prevent teenagers on bad informationbrowsing and personal information disclosure, all belong to the category of informationsecurity. Today, in this information era, for an enterprise, the sensitive information largelydetermines the enterprise’s prosperity and decline and vital importance, it has quietlychanged to an enterprise asset. It is same as other important asset, it has important value forthe enterprise, therefore it should been have appropriated protection.Firstly, the thesis summarizes basic concepts of information security andinternationally recognized as the best information security management model ofISO27001system. According to the boshi company, it is the leader of the third partyfinancial institutions, with various business functions to the interview, and combined withthe ISO27001model system requirements designed questionnaire and evaluation tools todiagnose the information security problem of the company currently exposed. In addition,according to the diagnosis of the cause and the result of company’s own businessdevelopment needs to develop a series of solutions.Finally, we hope that through the ISO27001information security management systempractice in the company. We will focuses on the analysis of the information securitymanagement problems. Through the analysis of the diagnostic system, find out some riskcontrol node, and combined with the organization’s own situation, for each risk controlnode has one proposed solutions. This research can not only enrich the theory ofinformation security management, and the research results can improve informationsecurity level to provide reference for the same industry... |
PDF Full Text Request