English  |  正體中文  |  简体中文  |  Items with full text/Total items : 2737/2828
Visitors : 277035      Online Users : 19
RC Version 4.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Adv. Search

Please use this identifier to cite or link to this item: http://ir.lib.stu.edu.tw:80/ir/handle/310903100/1346

Title: 以CNS27002資安規範探討基層公務機關之教育訓練
Analysis Education and Training Procedures for Primary Public Organizations Based on CNS27002 Information Security Standard
Authors: 閻一平
Yi-Ping Yang
Contributors: Chun-Li Lin
Keywords: 資訊安全;資訊安全教育;資訊安全事件;資訊安全管理;資訊安全管理之作業規範(CNS27002)
Information Security;Information Security Education;Information Security Events;Information Security Management;Information Security Management Operating Standards (CNS27002)
Date: 2010
Issue Date: 2011-05-24 15:28:53 (UTC+8)
Publisher: 高雄市:[樹德科技大學資訊工程系碩士班]
Abstract: 自資訊科技快速的發展,造就網際網路的興起,各類的資訊設備也日新月異,使得人類的生活方式與空間距離也日趨方便近在咫尺。但個人隱私與資訊安全保護能力亦趨受到重視,特別是防止網路上洩露、盜取、入侵及犯罪所引發的資訊安全維護能力也受到疑慮。縱使投入大量的資金更新及強化資訊設備(環境),未必可化解危機。因此,資訊安全最重要的課題之一即為教育及認知,要如何確保資安教育能有效的建立資安概念,以防範資訊安全類案再生,即是本研究的方向。
Since the development of information technology is rapid, the several types of information devices are change with each passing day. It let human life become more convenience and distance between each others becomes closer. The issues regarding to protect personal privacy and information security have been got increasingly attention. In particular, the abilities which is used to prevent the network leakage, theft, hack and crime are doubted. It may be useless to resolve the above problems even much money involves to update and strengthen the information equipment (or environment). Because the education and awareness are important issues in information security field, This study researches on estimating the current education for information security is effective enough to establish the users’ concepts or not, and given some advises to avoid similar security risks arise again.
The questionnaire in this study is based on Code of practice for information security management (CNS27002) and the target of questionnaire is focus on junior officers. Their degree of understanding on the concept of information security can be detected by the questionnaire, as well as the planning of current education principle can be analyzed. In the study, the total of available feetbacks amounted to 193. The result which is analyzed is given as follows: the junior offices who have not received the related training course, only 17% understand of information security enough. On the other words, their are 83% offices (have notreceived the related training course yet) lack the concept of information security. It is surprising, even the officers have received the related courses, only 36% officers understand information security enough, there are 64% offers still not enough. Base on above result, the current information security education programs seems not effective enough for junior officers. The study proposes some recommend for improving current information security course.
Appears in Collections:[資訊工程系(所) ] 博碩士論文

Files in This Item:

File Description SizeFormat
stu-99-s97739106-1.pdf全文749KbAdobe PDF1478View/Open

All items in STUAIR are protected by copyright, with all rights reserved.





2. 本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本校護人員(clairhsu@stu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback