| 摘要: |
| 分析产生信息安全风险的原因,介绍了信息安全风险评估方法和评估工具,并尝试性地对广西自治区级电子政务网络平台进行安全风险评估。评估结果显示广西自治区级电子政务网络基本处于黄色预警等级,与网络信息系统的现状基本相符。 |
| 关键词: 信息安全 风险评估 方法 资产 威胁 脆弱性 |
| DOI: |
| 投稿时间:2006-07-21 |
| 基金项目: |
|
| Discussion and Practice of Information Security Risk Assessment |
|
CHEN You-chu
|
| (Guangxi Economic Information Center, Nanning, Guangxi, 530022, China) |
| Abstract: |
| The causes for the information security risks are discussed.The methods and tools which are used to assess information security risk are introduced.The risk of the provincial electronic government affair network of Guangxi is assessed.The result reveals that the risk is at yellow warning,and coincides with the real situation. |
| Key words: information security risk assessment method threat asset vulnerability |
