高校财会信息安全保障体系的研究

On Financial Information Security Safety Systems for Universities

高校财务管理信息化在向着消除"信息孤岛"、逐步实现财务子系统之间贯通、实现对外公众服务,以及接受上级主管部门实时监控的方向发展。围绕这些新业务的安全需求,针对以往高校财务内网里独立运行的财会核算系统,发展到了通过校园网、互联网有机联系的各专项业务、网上缴费、网上预约报销、财会核算、银企直连、资金监控等多系统联动,对系统中的信息安全隐患进行了分析,依据"技管并重"的思路,提出了一体化的高校财务信息系统的信息安全纵深防御及安全管控防护体系,并对如何具体实施该纵深防御及安全管控防护体系的信息安全保障体系给出了一些步骤和建议。

The digitization of universities＇ financial management has oriented towards to eliminate ＂information island＂,and gradually realize the alignment between financial sub-systems,to offer public service under the real-time monitoring of governing organizations. Focusing on the safety requirement of these new businesses,this article has taken university A as an example to illustrate the typically related businesses in the financial management information systems,and analyzed the existing information safety issues in the systems. A holistic protective system has been put forward to realize an in-depth defense and security management for universities＇ financial information system,based on the principal of＂focusing on both technology and management ＂. with a number of concrete measures and suggestions on the implementation.