Application Of Information Security Risk Assessment In Population Foundation Database

With the rapid development of information technology representedby computers and networks, modern government departments, financialinstitutions, enterprises and business increasingly rely on theinformation systems, information technology to virtually all aspectsof social life worldly. Population information database based one-government building is the most basic database in the socialmanagement of the population, but also a complex project. As anessential component of information system, security risk assessmentplay a decisive role to hole system, it’s the base and premise to themanage. The theory and method of risk assessment also lead to the manageof Population foundation data stock systems in the paper,the studywould provide a reference to the safe operation of the system and makerecommendations for further improvement.Papers based on the existing information security standards, studythe current developments trends in the field of academic research, drawlessons from the theory, related models, methods, assessment toolsand so on to assess the risk of population database systems. First ofall, combined with the network structure of population database system,draw the flow chart of the assessment, selected appropriate assessmentstandards. Secondly, through identificated assets, threats andvulnerability, the value of assets, frequency of threats and thevulnerability of specific assets assignment of severity. Determinedthe possibility of security incidents according to the threat and thevulnerabilities, calculated the the losses caused by securityincidents according to the severity of the vulnerability and the roleof security incidents by the value of the assets. Finally accordingto the possibility of security incidents and security incidents of loss,calculated in case of security incidents impact the organization, thatis, value at risk. Risk calculation using a combination of qualitativeand quantitative analytical methods, so that the results of theassessment more objective and fair. The risk assessment results showedthat: the system as an important asset in the high-risk value of1,accounting for4.17%; the risk of a moderate value of12, accountingfor50%; a low of11, accounting for45.83%.At the end, the recommendations were put forword combined the results of the riskassessment, and the inadequacy of the existence of paper and furtherresearch were summarized.