摘要
"互联网+"时代的到来,有力地促进了企业信息化应用,但是企业信息化软件研发也面临着许多安全威胁,存在许多可以避免或消除的信息系统安全漏洞,这给企业信息化软件普及带来了严峻的挑战。因此,为了提高企业信息化普及水平,本文简要介绍了企业信息化研发现状及安全管理体系相关内容,分析了企业信息化研发安全管理体系存在的问题并提出解决对策,本文从六个方面针对企业信息化研发安全管理体系进行了深入研究,优化研发组织职能,制定严格的信息化研发管理制度,加强研发过程管控,同时加强技术支撑、评价考核和配套保证,进一步提高企业信息化研发安全管理水平。
The advent of the "internet plus" era has effectively promoted the application of enterprise information. However,enterprise information software development is also facing many security threats. There are many information system security vulnerabilities that can be avoided or eliminated,and this has brought severe challenges to the popularization of enterprise information software. Therefore,in order to improve the level of enterprise informatization,this paper describes in detail the status of enterprise information research and development and the content of security management system,analyzes the existing problems and proposes solutions. This paper proposes the enterprise information security research and development security management system from six aspects.R&D organizational functions,develop a strict information research and development management system,strengthen the control of the research and development process,while strengthening technical support,evaluation and supporting guarantees,and further improve the level of enterprise information research and development security management.
引文
[1][美]惠特曼,马托德.信息安全原理[M].北京:清华大学出版社,2004.
[2]李仪.研发能力持续成长路线图:向华为学习研发管理,助推企业持续发展[M].北京:电子工业出版社,2013.