Information Security Governance for Campus Score Management Systems Based onISO 27001－A Case Study on SomeJunior High School

• Main Authors: Min-Kai Hsu, 徐敏凱
• Other Authors: Woei-Jiunn Tsaur
• Format: Others
• Language: zh-TW
• Published: 2013
• Online Access: http://ndltd.ncl.edu.tw/handle/92305925875773630620

碩士 === 大葉大學 === 管理學院碩士在職專班 === 101 === From the 21 century, with information technology and the Internet developing rapidly, government and enterprises have started to import information systems in order to remain competitive and improve performance. With this trend and constant innovation of information network technologies, a variety of powerful and fast processing speed systems mushroomed. These systems not only bring equivalent benefits for the organization, but also make society organizations greatly rely on information systems. Since 1999, the government implemented comprehensive networks in education for promoting economy, and allowed the use of resources can be more smooth in campuses. But the information and communication face information security and confidentiality issues with comprehensive networks, including computer viruses, hackers, control negligence of internal staff and other related issues. The most required protection is privacy of teachers and achievements of students. Some campuses’ programming is old, and therefore hackers can implant Trojanhorse to tamper files easily, even stealing users’ passwords. The most worst situation always happen in primary schools and junior schools, even now having improved the security, but they is still at risk. Although the government greatly implemented campus information networks, it frequently ignored the problems of information security. For the issue of information security’s governance, information technology and information security always play an important role in enterprises, and is less discussion and analyses for information security’s governance of campus achievement systems. Therefore, through management processes of information security and improvement of related measures, this study tests the security of campus achievement management systems based on the ISO 27001 standard, and then gives some crucial suggestions.