摘要
文章对比了2013版与2005版ISO27 000标准族的差异,分析了新老标准变化对数字图书馆信息安全风险评估和风险控制的影响,指出数字图书馆信息安全的风险评估可延用2005版的方法与模型,并在对数字图书馆信息安全风险控制核心控制要素和参考控制要素逐一分析的基础上,构建了符合新版标准要求的数字图书馆信息安全风险控制方法。
The 2013 version of ISO 27000 standards was compared with that of 2005 and the influence of the standards change on risk assessment and risk control of digital library information security was analyzed, and then it is pointed out that the information security risk assessment method and model of digital library based on version 2005 can be used in version 2013. Based on the analysis of the core control elements and reference ones one by one, this article built the information security risk control method of the digital library according to the new version standards.
出处
《图书与情报》
CSSCI
北大核心
2015年第6期38-46,共9页
Library & Information
基金
国家哲学社会科学基金重点项目"数字图书馆信息安全管理标准规范研究"(项目编号:12ATQ001)研究成果之一
