摘要
构建信息安全管理系统(ISMS)是提升组织信息安全防护能力的关键途径。近些年,随着信息安全等级保护任务的不断推进,ISMS和等级保护的结合受到了广泛关注。基于此,本文探讨信息系统安全保护措施落实情况,分析信息系统常见安全问题,提出等级保护测评中信息安全现场测评方法,以及优化信息安全现场测评的有效方式。
Building an Information Security Management System(ISMS)is a key way to enhance an organization's information security protection capabilities.In recent years,with the continuous advancement of information security level protection tasks,the combination of ISMS and level protection has received widespread attention.Based on this,this article explores the implementation of information system security protection measures,analyze common security issues in information systems,propose on-site evaluation methods for information security in level protection evaluation,and an effective way to optimize on-site evaluation of information security.
作者
李梦煜
LI Mengyu(Yunnan Lianchuang Wangan Technology Co.,Ltd.,Kunming Yunnan 650000)
出处
《软件》
2024年第4期89-91,共3页
Software
关键词
等级测评
信息安全
测评方法
level evaluation
information security
evaluation methods