Constructing Network Vulnerability Protection Management Using ISO 27001-A Case Study on Campus Information Systems on SomeJunior High School in Taoyuan City

• Main Authors: Pei-Ling Hsieh, 謝佩玲
• Other Authors: Woei-Jiunn Tsaur
• Format: Others
• Language: zh-TW
• Published: 2015
• Online Access: http://ndltd.ncl.edu.tw/handle/552qbb

碩士 === 大葉大學 === 資訊管理學系碩士班 === 103 === With the rapid development of information technology and Internet, the campus is also informatization. The integration of information systems and networks, with the more manifest improvement in the simplification of administrative processes and efficiency increasing, promotes not only the development but also the competitiveness of the school. However, the convenience of Internet comparatively results in many information security issues. In recent years, the campus information security issues are mostly related to the popularity and the convenience of networks. In order to reduce the risk of information security, the adoption of the information security management standards and the technological management methods are needed to enhance the campus network vulnerability protection. This study is to explore the network vulnerability protection of campus information management systems in Taoyuan City. The use of ISO 27001 information security standard is provided for guiding the in-depth interviews. This study finds there are several deficiencies existing in the campus information systems. For example, the appropriate method of information security policy is adequate, but in implementation, there is still room for improvement. It professionals are insufficient and transfer very often, which cause the information system managements of network vulnerability protection work has to be constantly changed. In addition, this study also provides several suggestions for the network vulnerability protection of campus information management systems .