Disaster Recovery Management for Network Systems Based on ISO 27001 and ISO 27005 － A Case Study on Campus Information Systems of Some Junior High School in Taoyuan City

• Main Authors: Yen,Hui Chen, 顏慧蓁
• Other Authors: Tsaur,Woei Jiunn
• Format: Others
• Language: zh-TW
• Published: 2015
• Online Access: http://ndltd.ncl.edu.tw/handle/fpkx36

碩士 === 大葉大學 === 管理學院碩士在職專班 === 103 === With the recent advances in information technology and innovations of network technology, the government vigorously promotes the network in education to make use of network resources more freely in the campus. The computerization and the cyberization of school administration is an inevitable trend. Teachers can handle teaching matters with computerization of school administration. By means of it, school staff can handle administrative matters. Parents and students can check public information about school activities, school information, etc. However, the so-called “water can carry a boat, can also capsize it”, information technologies bring convenience, but also derives a lot of information security issues. Once serious disaster of the campus network system occurs, it should be an important issue today on employing a disaster recovery mechanism in a short time and restoring all the system operations. This research is based on ISO 27001：2013 for the control items and based on ISO 27005 for the risk procedure. In addition, using the way of case study, this thesis derives several propositions in terms of four dimensions including P (Plan), D (Do), C (Check) and A (Act) for understanding the status of the information system disaster recovery plan in some junior high school, and further makes relevant suggestions. Furthermore, the contributions of this study can provide a variety of educational administrative organizations with useful results for reference.