人力資源管理是企業最重要的功能之一,且在未來組織發展中期重要性日漸受到肯定,如何吸引、留任與激勵越來越多樣化的人力或吸引、獲得並擁有具適任技術、知識與能力的人才,讓組織更有競爭力則成為一重要的議題(Walton,1985)。 雖然資訊數位化帶來許多管理上的方便性,但安全的問題也開始備受挑戰。尤其近年來,發生多起顧客資料外洩事件,不但影響企業的形象,造成商譽的受損,更導致股票的下跌種種的傷害。本研究主要針對顧客資訊的保護之人力資源的部分作深入的探討,了解各種影響顧客資訊的威脅,以及了解實務界對顧客資訊的管理措施為何。 國際資訊安全稽核規範BS7799是建構企業安全機制的具體指標,目的在於確保企業組織資訊相關資產,包括實體、軟體和硬體設施、資料、資訊等安全,由過去文獻中發現,「人」為資訊安全施行之主要重點之一,因此,本研究以BS7799中資訊安全管理系統十大管控項目中的人力資源部分作為主要研究架構。 本研究以量化方法作為主要資料分析的方式。以金融保險業為本研究之對象,針對資訊安全管理系統中的人力資源部分之影響進行研究,以瞭解在資訊安全中人力資源是否為最主要之安全漏洞。 本研究發現顧客資訊的保護所涉及的範圍相當廣泛,包括實體安全、人事安全、通訊安全與作業安全。四者彼此之間密切相關,相輔相成,無法單獨存在。而為了加強顧客資訊的安全防護,可從獲得高階主管的支持、加強教育訓練的宣導、強化人員安全的控管、建立以「人性本惡」為出發點及抱持「防範未然」的心態之管理機制等方面來進行。
The human resources management is one of enterprise most important functions, how will attract, remains in office with the drive more and more diverse manpower or the attraction, obtains and has has suitably no matter what technical, the knowledge and ability talented person, will let the organization have the competitive power to become an important subject (Walton,1985). Although information digitizing brings the conveniences which many manages, but the security problem also starts to prepare is challenged. This research mainly aims at the customer information of human resources the protection part to make the thorough discussion, understands each kind of influence customer information the threat, as well as understanding practical realm to customer information management measure why. This study takes the financial insurance business object of as the this research, conducts the research in view of the information security management system in influence human resources part, understands in the information security the human resources whether for most main security loophole. This study discovered the customer information the protection involves the scope is quite widespread, including entity security, human affairs security, communication security and operational security. Between each other close correlation, complements one another, is unable alone to exist. In order to strengthen the customer information the safe protection, may from obtain the higher order manager's support, the enhancement education and training guidance, strengthens the personal security to control the tube, the establishment “wickedly by the human nature this” and embraces “the guard for the starting point not however” point of view aspects and so on management mechanism carries on.