摘要
随着行业信息化程度的日益发展与提高,越来越多的企业已经认识到信息安全建设的重要性。然而,究竟如何才能最大可能地保护企业网络的安全性,最大限度地降低或者转移安全风险,减少或者避免安全事故的发生呢?从业务安全建设、运营安全建设、内控安全建设三个方面阐述了行业信息安全体系建设的模式和思路,并对运营安全建设进行了重点论述。
With the rapid development of industrial informatizion,more and more enterprises have realized the important of information system secutiry.However,how to try our best to protect enterprise network security,and how to reduce or transfer the security risk, and reduce or avoid the security accidents? This article describes in detail modes and methods of industrital informatizion, including the applications security and operation security and internal control security,and discusses especially the operation security.
出处
《计算机安全》
2009年第8期67-69,共3页
Network & Computer Security
关键词
信息安全
风险评估
安全运营监测
内部控制框架
information security
risk assessment
security operation monitoring
internal control framework
