|
|||||
|
|
| 信息安全风险管理绩效研究 | |
| 引用本文: | 卢志刚,潘林,刘宝旭,许榕生,蒋文保. 信息安全风险管理绩效研究[J]. 计算机科学, 2010, 37(6): 40-42 |
| 作者姓名: | 卢志刚 潘林 刘宝旭 许榕生 蒋文保 |
| 作者单位: | 1. 中国科学院高能物理研究所计算中心,北京,100049;中国科学院研究生院,北京,100049 2. 中国科学院高能物理研究所计算中心,北京,100049 3. 北京信息科技大学,北京,100101 |
| 基金项目: | 国家科技支撑计划重点项目,北京市自然科学基金面上项目 |
| 摘 要: | 分析了当前风险管理的现状和所面临的问题,并通过风险确认,提出了一个风险管理效率判别模型,以对风险管理方案进行判别,找出最佳的风险管理方案.通过分析进一步指出了基于信息资产提供业务的风险管理投资和安全事件损失的联系,并对其有效性进行了验证.实验结果表明,此方法是行之有效的. |
| 关 键 词: | 信息安全 风险管理 方案决策 绩效 |
| 收稿时间: | 2009-07-07 |
| 修稿时间: | 2009-09-09 |
Study on Performance of Information Security Risk Management |
|
| LU Zhi-gang,PAN Lin,LIU Bao-xu,XU Rong-sheng,JIANG Wen-bao. Study on Performance of Information Security Risk Management[J]. Computer Science, 2010, 37(6): 40-42 | |
| Authors: | LU Zhi-gang PAN Lin LIU Bao-xu XU Rong-sheng JIANG Wen-bao |
| Affiliation: | (Computing Center, Institute oI High Energy Physics, Chinese Academy of Sciences,Beijing 100049,China);(Graduate of University,Chinese Academy of Sciences,Beijing 100049,China);(Beijing Information Science & Technology University,Beijing 100101,China) |
| Abstract: | Analyzed the situation and likely problems of the current risk management through affirming the current risk, combined with analysis of financing final accounts, and then put forward a systematic and normative differentiating model for the efficiency of risk management to distinguish the risk management projects from which found out the optimal one. Then pointed out the link between the investment of risk management and the loss of security incidents through further analyzing base on business, and gave out the verification of its effectiveness. The result of verification shows that this model is effective. |
| Keywords: | Information security Risk management Decision-make Performance |
| 本文献已被 万方数据 等数据库收录! | |
| 点击此处可从《计算机科学》下载全文 | |