| Summary: | 碩士 === 嶺東科技大學 === 資訊科技應用研究所 === 99 === Due to the advance of computer and information technology, the information security management has become a significant subject for all parties involved. Currently, most government agencies adhered to the ISO27001 standards; which is the spirit and the base for establishing an information security management system. Agencies should assess risks and implement risk management; assign all tangible assets with proper security level and perform regular review and control. The RFID technology can be used to effectively manage and track the information asset; thus has influence toward the organizational promotion of the ISO27001.
The main theme of this paper is based on case study; the search will discuss how ISO27001 has been promoted by that agency and the issues in its information asset management processes; it will explore the induction of RFID asset management to that agency; how to improve the existing asset management processes and the expected effects to the ISO27001 promotion. This study shows a positive influence toward promoting the ISO27001 with the RFID information asset management inducted in that agency. Replying on the interviewees’ experience, a simulation model of RFID asset management for that agency was established and asset management processes were proposed; furthermore, based on the interviewee’s operational needs, designed a middleware that can be used by any government agency; hopefully, they can serve as a valuable reference for that agency.
|
|---|
