21世紀具有著資訊化、數位化及網路化的特性,進入一個以網路為重心的資訊時代,更加開放了人與人之間的流動。各行各業廣泛地應用資訊技術,資訊安全已經擴展為對資訊的機密性、完整性、可用性、鑑別性、可歸責性、不可否認性及可靠度等全面性的保護。國際標準制定機構英國標準協會(BSI),於1995年提出BS 7799資訊安全管理系統(Information Security Management Systems—簡稱ISMS),最新的一次修訂已於2005年完成,並經國際標準化組織(ISO)正式通過成為ISO 27001:2005資訊安全管理系統要求標準,為目前國際公認最完整之資訊安全管理標準。 本研究中選取北區某家B級署立區域級醫院配合分級政策需於97年前通過第三者認證,採取文獻資料分析法及完全參與觀察法,以個案單位為觀察對象,分析個案單位因瞭解建置ISMS之重要性及認知,於個案單位在建置ISMS期間實施過程作深入的探討及研究,所得的資料輸入分析軟體(MSAT)後,概略評估個案單位整體安全的概況,進而提供個案單位維持及改進ISMS的參考建議。
21st century is characterized by information、digital & network, It has ushered in an information era whose core is network that open the gate of information between people.For the widespread use of technical information, Information security has been asked to be an overall protection in every aspect of application.British Standards Institution(BSI) raised the standard of Information Security Management Systems—ISMS,coded BS7799 in 1995.It’s revised in 2005 and became an international standard by ISO coded ISO 27001:2005 -Specification for an Information Security Management System which is the best standard of information security management all over the world . A B-grade general hospital located in the north Taiwan is chosen as an object of this case study. To meet the policy requirement she is asked to pass the ISMS certification by 2008. Adopting literature analysis method and full concerned observe method to analyze the process of implementation. Assessing security for all information research data will be input to the analysis software called MSAT . Will make some comment for the hospital about the maintenance and improvement of ISMS according to the result of study.
為了持續優化網站功能與使用者體驗,本網站將Cookies分析技術用於網站營運、分析和個人化服務之目的。
若您繼續瀏覽本網站,即表示您同意本網站使用Cookies。