在資訊科技與網際網路不斷更新及演變下,資安觀念逐漸為眾人所了解與重視,世界各國、各企業甚至於軍隊中的資訊部門紛紛嚴正以待,做出許多防制作為以避免重要資訊外洩,然而,在資訊傳遞的過程中,有心人士的窺視從未間斷,資料遭竊取案件仍屢見不鮮,全球各地仍有許多駭侵事件的發生,因此如何有效防範駭客威脅及建立資訊安全標準,是各單位、各部門都需重視的議題。 在資料時刻遭到威脅的時空背景下,資訊安全管理系統(ISMS)逐漸遭到世人所重視,甚至導入至政府機關與軍隊中,以提供一個可以遵循的步驟及規範,防止重要機敏資訊外洩,但在近年來的研究中,以國軍導進資訊安全管理系統實施探討的研究十分稀少。 本研究旨在針對中華民國國軍導入資訊安全管理系統關鍵因素實施探討,首先,將相關文獻當成基礎結構整合出5個構面與17個準則作為本研究架構雛形,接著以德爾菲法(Delphi Method)對軍中專家實施文卷填答,以完善本次論文之構面及準則,並運用決策實驗室分析法為基礎的網路程序分析法,探討國軍導入ISMS關鍵因素彼此相互關係之影響,最後,再以重要性績效分析法瞭解構面及準則彼此的績效與重要程度。本次論文有2個現況急需改善的地方,為管理人員的資安素養及員工資訊安全認知均須提升。
With the progress of information technology and the Internet, the concept of information security is gradually understood and valued by everyone. The information departments of countries, companies and even the military have been prepared for it .A lot of preventive measures to avoid important data leaked. However, in the process of information transmission, the peeping of interested people have never stopped and the data theft cases are often seen. There are still many hacking incidents around the world. So, how to prevent hacker threats effectively and establish information security standards are an important issue for enterprise information security departments. Under the data be threatened at all times, the Information Security Management System (ISMS) has gradually been taken seriously by the world, government agencies and the military, in order to provide step and specification that can be followed to prevent the leakage of important and sensitive information. However, in recent years, few people have discussed the introduction of Information Security Management System in National Army at Taiwan. This study aims to study the key factors to Information Security Management System in National Army at Taiwan. First of all, based on the relevant literatures, 5 facets and 17 standards are integrated as the prototype of this research framework. Then, in order to optimize this research, the Delphi Method is used to interview the experts. After that, using the method of DEMATEL-based to discuss the relationship between the key factors to Information Security Management System in National Army at Taiwan. Finally, using the method of Importance-Performance Analysis to understand the performance and importance of each facets and standards . This study finds that there are two parts that need to be improved urgently. One is a security literacy of management person. Another is a awareness of employees' information security. Both of them have to be improved.