Studies On Information Security Management Evaluation Methods Of Information System In Scientific Research Institutions

With the constant upgrading of the software and hardware of the computer systems, the appearance of the diversified products, the expansion of the network, the overflowing of virus, the hacker activity's purposeless and no organization and the weakness of working persona's 1 security consciousness, the network system security becomes more and more complicated. Some scientific research institutions such as the Chinese Academy of Sciences begin to adopt ARP information system at present, to such a huge information system, the information of the information system are important which reflects the basic operation situation of the institutions, The accurate basic data and materials are most important because it is utilized to allocate resources rationally for leading's correct decision. the dependability and accuracy of information does not merely concern the Chinese Academy of Sciences' own stability and development, and also influences the whole country's economic security, scientific and technical innovation etc..Some possible risk within the system includes that our operator may operate by mistake, may be bribed or betrayed, and the system may be captured by the hacker or the virus and the system that we developed may be leaky,etc, all these can cause the system to be getting bad and lose the important information. In computer security incidents, the reason proportion which belongs to management is up to more than 70%, that is real information security needs systematic management to guarantee. So it is very essential to evaluate the information security from the aspect of management.This text analyzed the function and characteristic of ARP system of the Chinese Academy of Sciences, and it used evaluation process for reference, such as from analyzing the target of evaluation, confirming evaluation criterion, structuring evaluation index system to choose method of evaluation, and by Delphi and AHP method, the evaluation method and evaluation result of ARP information security management is confirmed, it will offer reference and scientific basis for the ARP information system' evaluation work in the future.