Please use this identifier to cite or link to this item:
Analysis Education and Training Procedures for Primary Public Organizations Based on CNS27002 Information Security Standard
|Contributors: ||Chun-Li Lin|
Information Security;Information Security Education;Information Security Events;Information Security Management;Information Security Management Operating Standards (CNS27002)
|Issue Date: ||2011-05-24 15:28:53 (UTC+8)|
Since the development of information technology is rapid, the several types of information devices are change with each passing day. It let human life become more convenience and distance between each others becomes closer. The issues regarding to protect personal privacy and information security have been got increasingly attention. In particular, the abilities which is used to prevent the network leakage, theft, hack and crime are doubted. It may be useless to resolve the above problems even much money involves to update and strengthen the information equipment (or environment). Because the education and awareness are important issues in information security field, This study researches on estimating the current education for information security is effective enough to establish the users’ concepts or not, and given some advises to avoid similar security risks arise again.
The questionnaire in this study is based on Code of practice for information security management (CNS27002) and the target of questionnaire is focus on junior officers. Their degree of understanding on the concept of information security can be detected by the questionnaire, as well as the planning of current education principle can be analyzed. In the study, the total of available feetbacks amounted to 193. The result which is analyzed is given as follows: the junior offices who have not received the related training course, only 17% understand of information security enough. On the other words, their are 83% offices (have notreceived the related training course yet) lack the concept of information security. It is surprising, even the officers have received the related courses, only 36% officers understand information security enough, there are 64% offers still not enough. Base on above result, the current information security education programs seems not effective enough for junior officers. The study proposes some recommend for improving current information security course.
|Appears in Collections:||[資訊工程系(所) ] 博碩士論文|
Files in This Item:
All items in STUAIR are protected by copyright, with all rights reserved.