Research On Information Security Control Of Industrial Enterprises Based On COSO Framework

In the age of Internet,the status of information technology is becoming increasingly important,information security is becoming more and more prominent.In view of the current tobacco industrial enterprise information security,especially the risks of cigarette manufacturing industrial control system and the existing problems,the author analyzes the reasons of the tobacco industry enterprise information leakage and way from different angles.Through research at home and abroad the latest information security control of the related theory and practice,in view of the tobacco industry enterprise information security control requirements,using the COSO(The Committee of Sponsoring Organizations of the Treadway Commission)enterprise risk management integration framework.Related theory,from the environment to build and goal setting,risk identification,risk assessment and response,and evaluation and supervision,etc.,the introduction of the COSO internal control framework,with its compact,flexible and dynamic structure,combined with the tobacco industry enterprise own actual situation and requirements,from technology,management and staff from three aspects of multielement,multidimensional research,designed a cigarette industrial enterprise information security control framework to guide implementation and improvement of the overall information security,in order to improve information security control in the comprehensive control ability.