摘要
企业数据安全管理是保障企业数据安全的有效方式,推进企业数据安全管理应当以数据安全法律法规为基础,以数据安全管理计划为核心。有效的数据安全管理应当以有效防范和化解数据安全风险为导向,构建数据安全风险预防机制、识别机制和应对机制,具备数据安全管理规范、数据安全管理组织、数据安全教育培训、数据安全技术措施、数据安全审计、数据安全投诉与举报、数据安全风险评估、数据安全风险审查、数据安全内部调查、数据安全问责与惩戒、数据安全管理持续改进等核心要素,符合数据分类分级和全流程数据安全的基本要求。
Enterprise data security management is an effective approach to ensure enterprise data security.The promotion of enterprise data security management should be based on data security laws and regulations,with data security management plans as the core.Effectively preventing and resolving the risk of data security is the orientation of data security management.An effective data security management should include data security risk prevention mechanism,identification mechanism and response mechanism.With data security management norms,data security management organization,data security education and training,data security technical measures,data security audit,data security complaints and reports,data security compliance risk assessment,data security risk review,data security internal investigation,data security accountability and discipline,continuous improvement of data security management and other core elements.Data security management should meet the basic requirements of data classification and full-process data security.
作者
李华晨
Li Huachen(School of Law,People's Public Security University of China,Beijing 100038,China)
出处
《中国科技论坛》
CSSCI
北大核心
2024年第12期146-154,共9页
Forum on Science and Technology in China
关键词
企业数据安全
企业管理
数据安全风险
数据安全治理
Enterprise data security
Enterprise management
Data security risk
Data security governance
