摘要
针对信息系统在上线后才进行安全测评所导致的诸多问题,研究信息系统入网安全测评,并结合PDCA过程模型,详细讲述了应用PDCA过程方法,建立信息系统入网安全测评管理机制的全过程,简要介绍了入网安全测评的结果判定并给出了判定的公式。已建立的入网安全测评管理的PDCA过程模型,将"技术+管理"的系统方法应用其中,对今后的信息安全管理体系建设起了很好的借鉴作用。
Due to the problems resulting from the postponed security evaluation for an already deployed information system,this paper studies a security evaluation mechanism for a non-deployed information system using the PDCA process model.The detailed process that applies the PDCA to the whole evaluation process is described and the formula to measure the evaluation results is given.The proposed PDCA-based network access security evaluation management model embodies the idea of integrating techniques with management,and provides a good reference for the future information security management system constructions.
出处
《电力信息化》
2012年第6期8-11,共4页
Electric Power Information Technology
关键词
入网安评
信息安全测评
PDCA
network access security evaluation
information security evaluation
Plan-do-check-action(PDCA)
