摘要
针对内部员工信息安全胜任评价这一重要问题,在分析内部信息攻击行为的特点及全面总结胜任特征相关研究成果的基础上,构建了内部员工信息安全胜任特征评价指标体系,在此基础上提出了组织内部员工信息安全胜任特征评价模型。模型基于安全风险防范思想,将评价环节分为两个环节,综合考虑了决策者制定决策偏好和候选员工的个性优势,更实际地反映了候选员工间的差别。最后通过案例分析验证了该评价模型的有效性和实用性。
In recent years, more and more evidence shows that the security of information systems and information management within the organization is a major security risk. Therefore, it is particularly urgent and important that internal staff shall be evaluated and a staff competenly information security responsibility is found to eliminate internal attack behaviours of employees and ensure the security of information systems and information manage- ment. Consequently information security competency evaluation for internal staff is an important issue. Under the analysis of the characteristics of the aggressive behavior from internal staff and a comprehensive summary of the competency research, internal staff information security competency evaluation index system is built. On this base, organization internal staff information security competency evaluation model is proposed. Based on safety and risk prevention thinking, the model divides the evaluation into two stages and takes into account the person- ality advantage of the decision makers in decision- making preferences and individuality advantage, which more realistically reflects the difference between the team members. Finally, the effectiveness and practicality of the evaluation model is verified through case analysis.
出处
《运筹与管理》
CSSCI
CSCD
北大核心
2014年第1期151-156,共6页
Operations Research and Management Science
基金
国家自然科学基金(71103048)
教育部人文社科基金(12YJC630131)
哈尔滨工业大学校基金(HIT(WH)X201102)
山东省社会科学规划研究项目(12DGLJ13)
