摘要
【目的/意义】随着信息化程度的不断提高,信息安全已经成为企业最关注的问题之一,企业信息安全管理体系的构建也变得至关重要。【方法/过程】通过对企业信息安全管理体系的发展现状、影响因素等方面进行分析,结合企业现阶段的经营模式,构建了与企业的整体经营体系相结合的信息安全管理体系,并提出了保障安全体系最佳运行的关键对策。【结果/结论】该成果对于企业建立既符合国际标准要求又符合企业发展需要的信息安全管理体系具有指导意义。
【Purpose/significance】With the continuous improvement of informatization, information security has become one of the most important concerns of enterprises, and the construction of enterprise information security management system has become very important.【Method/process】By analyzing the development status and influencing factors of enterprise information security management system, combining with the current business model of enterprises, the information security management system combined with the overall business system of enterprises is constructed, and the key countermeasures to ensure the best operation of the security system are put forward.【Result/conclusion】This achievement has guiding significance for enterprises to establish information security management system that meets both the requirements of international standards and the needs of enterprises' development.
引文
【1】戴明禹.大数据时代企业管理中信息安全研究的现状与展望[J].情报科学,2017,35(12):162-167.
2 张红旗,王新昌,杨英杰,等.信息安全管理[M].北京:人民邮电出版社,2007.
3 孙红梅,贾瑞生.大数据时代企业信息安全管理体系研究[J].科技管理研究,2016,(19):210-213.
4 陈晓飞.企业信息安全管理体系建设[J].信息与电脑,2017,(3):194-196.
5 陈文利.解读标准ISO27000[J].标准,2011,(3):60-61.
6 Neil, MacDonald. Information Security Is Becoming a Big Data Analytics Problem[EB/OL].https://www.gartner.com/doc/1960615/information-security-big-data-analyt-ics.2012,2014-05-02.
7 Renu, Kesharwani. Enhancing Information Security in Big Data[J]. International Journal of Advanced Research in Computer and Communication Engineering, 2016, 5(8):323-327.
8 罗雪英,邹凯.论竞争情报与企业信息安全[J].情报科学,2003,21(8):811-814.
9 高原,吴长安.云计算下的信息安全问题研究[J].情报科学,2015,33(11):48-52.
10 戴晨昱.浅析企业信息安全[J].科技与创新,2018,(16):138-139.
11 Debi Ashenden. Information security management:A human challenge[J]. Information Security Technical Report,2008,(13):195-201.
12 J.F. Van Niekerk,R. Von Solms. Information security culture:A management perspective[J].Computers&Security,2010,29:476-486.
13 尹淋雨.大数据环境下企业信息安全水平综合评价模型研究[D].蚌埠:安徽财经大学,2015.
14 王雪涛.大数据环境下我国企业信息安全影响因素研究[D].哈尔滨:黑龙江大学,2017.
15 Krisfian,Beckers.A pattern-based method for establishing a cloud—specific information security management system[J].Requirements Engineering,2013,18(4):343-395.
16 Alan Gillies.Improving the quality of information security management systems with ISO27000[J].The TQM Journal,2011,23(4):367-376.
17 杜劲松,卢飞.企业信息安全管理体系建设研究[J].科技创新导报,2018,(9):157-161.
18 毕琳.用ISO27000规范数字图书馆信息安全管理[J].图书情报工作,2012,56(5):143-144.
19 刘晶晶.基于ISO27001的北京XX企业信息安全管理体系的建立与实施[D].济南:山东大学,2015.