| SASAC Central Enterprise Group Finance Company is a kind of the non-bank financial institutions,which is responsible for all units within the group between the receipt and payment of funds,liquidation,lending,investment etc.As the core business system of the finance company,it is an important information system which is responsible for the management of the group's funds.Our country has launched a series of policies and standards for the protection of information security,and formed a perfect system of the information security classified protection.Financial industry also launched some industry standards of the information security classified protection in 2012.In this thesis,the assessment on the finance company core business system is based on the financial industry information security classified protection standards.First of all,through the preliminary investigation of the system,the basic situation of all aspects of the system are collected,and the results are analyzed.Then the field assessment was carried out,and the server room,network equipment,server,application software,Data backup,information security management system were assessed,and the security problems of the system were found.According to the security problem of the system,put forward the rectification proposal and formed a rectification program to guide the financial company's core business system to implement the rectification work.Then the rectification results were retested to verify its rectification,to solve most of the security issues,and ultimately the overall security level of the system has achieved the basic requirements of the standard.The result in the system assessment report is a "Basically achieved".Finally,the implementation of the assessment and rectification project is summarized,and put forward new proposals for the future planning of the system,and the standards and methods of the assessment of the financial industry information security classified protection standards are proposed a new prospect. |
PDF Full Text Request