摘要
随着信息时代的到来,信息化技术在企业中发挥的作用愈发重要,在目前的网络环境中,大量的病毒频繁地攻击企业的信息系统,甚至造成系统无法及时处理攻击的情况。因此,企业信息安全应变被动处理为主动防御,在信息系统中建立风险管理框架,合理利用企业内部资源,提高企业信息系统安全性。本文将对企业信息安全风险管理的框架进行研究,探讨企业信息安全风险管理的需求、过程以及实施等细节。
With the advent of the information age,information technology plays an increasingly important role in the enterprise,and inthe current network environment,a large number of virus frequently attacks the enterprise's information system,and even cause systemcannot deal with the attacks.Therefore,the enterprise information security should change passive treatment into active defense,establishrisk management framework in the information system,rationally use internal resources,and improve enterprise information system security.In this paper,the framework of enterprise information security risk management is studied,and the requirements,process andimplementation of enterprise information security risk management are discussed.
作者
陈瑜
CHEN Yu(Shaanxi Aerospace Navigation Equipment Co.,Ltd.,Baoji 721006,China)
出处
《价值工程》
2017年第18期53-55,共3页
Value Engineering
关键词
信息安全
风险管理
框架探究
information security
risk management
framework research
