基于AP2DR2A+ET的企业信息安全框架研究

Research on information security architecture of enterprise based on AP2DR2A+ET

经济全球化、互联网时代,信息成为企业市场竞争核心资源。企业信息化过程中,面临各种信息安全风险。文章通过分析企业信息安全建设普遍存在的问题,提出AP2DR2A+ET信息安全模型。在AP2DR2A+ET模型基础上,设计出企业信息安全框架。该框架实现了企业组织与人员、信息安全管理、信息安全技术三方面因素整合,实现了信息安全管理体系、信息安全技术体系、信息安全运维体系的统一,对企业信息安全建设具有指导意义。

Economic globalization of the internet era,information has become the core resource of the enterprise market competition.Enterprise will face all kinds of information security risks in the process of informationization.This paper puts forward the AP2DR2A＋ET information security model by analyzing the common problems of enterprise information security construction.Based on the AP2DR2A＋ET model,the enterprise information security architecture was designed,it integrates the three aspects of enterprise organization and personnel,information security management and information security technology,and makes the information security management system,the information security technology framework and the information security operation system to unify,In order to provide reference for the construction of enterprise information security.