摘要
本文在分析信息系统事故的基础上,对信息系统的风险评估模型以及信息系统风险评估程序进行了系统描述。同时,在对我国信息系统风险评估工具进行简要介绍的基础上,重点介绍了适用于企业日常安全管理的定性定量的信息系统评估方法,并对评估方法进行了对比分析,从而有利于信息系统评估工作在我国的推广应用。
On the basis of the analysis of information system accident,a systemic description is carried on the model of information system risk assessment as well as the procedure of information system risk assessment. At the same time,this article also recommended some tools which can be used for information system risk assessment,but it lays stress on the qualitative analysis and quantitative analysis of information system risk assessment used in the common daily safety management,and a contrast of the assessment methods has been contrasted at the end of this article.On such foundations,the information system risk assessment would be carried out in all over the China.
出处
《网络安全技术与应用》
2006年第11期32-34,共3页
Network Security Technology & Application
关键词
安全
风险
风险评估
风险计算
Safety
risk
risk assessment
risk computation
