Title page for etd-0730108-112423


[Back to Results | New Search]

URN etd-0730108-112423
Author Ruei-shian Hu
Author's Email Address No Public.
Statistics This thesis had been viewed 5636 times. Download 21 times.
Department Information Management
Year 2007
Semester 2
Degree Master
Type of Document
Language zh-TW.Big5 Chinese
Title Information Security Risk Assessment Model – A Case Study of a Semiconductor Assembly Company
Date of Defense 2008-06-12
Page Count 125
Keyword
  • Assets Threats
  • Assets Vulnerability
  • Assets Evaluation
  • Risk Assessment
  • Information Security
  • Abstract The information security incidents have most often been reported. The loss of enterprise operation is more and more serious because of information security incidents. There are more and more operation risks happening inside the enterprise because of such informational and electronic transformation. Consequently, the requirement to have an effective management framework of information security is more and more urgent.
    The research adopts the international standard ISO 27001 as the foundation of the information security management framework. And then, risk assessment is the main process of the informational security management framework. This process includes five stages: identification and classification of information assets, value evaluation of information assets, vulnerability assessment of information assets, threats assessment of information assets, and measurement of information security risks. The operational definition, implementation steps and measurement of the information security risks are worked out through review of relevant literature and interview with experts in the semiconductor assembly company. Finally, the experts of the consulting firm of the informational security are entrusted to verify the availability of the model. The result of this informational security risk assessment model will be used as the basis for future improvement.
    It is hoped that this research can offer a guideline for the information security risk assessment suitable for the semiconductor company and can be used as a reference for internal auditors and management.
    Advisory Committee
  • Chia-Mei Chen - chair
  • Fen-Hui Lin - co-chair
  • Hsin-Hui Lin - advisor
  • Files
  • etd-0730108-112423.pdf
  • indicate in-campus access in a year and off_campus not accessible
    Date of Submission 2008-07-30

    [Back to Results | New Search]


    Browse | Search All Available ETDs

    If you have more questions or technical problems, please contact eThesys