| In recent years,China's comprehensive national strength has been increasing and its international status is increasing,and it plays a more and more important role in international affairs.As an important basic energy supply enterprise to support the economic and social development of the country,the development of the State Grid can not be ignored for the development of the country.However,with the frequent occurrence of cyber attacks at home and abroad,all countries have mentioned security issues at the national level.As one of the leading enterprises in the field of information technology,the State Grid has also attached great importance to safety issues.Many regulations and management methods have been issued to standardize information security and deal with various information security incidents.However,due to the continuous progress of science and technology,the threat of information security is constantly changing.In order to ensure that enterprises can maintain long-term and effective information security,in essence,it should be a process of management more than technology research.Based on the above background,in order to reduce the harm of information security to electric power enterprises,it is urgent to establish an effective information security management system according to the current situation of information construction of electric power enterprises and the information security requirements of State Grid.Based on the A power enterprise as an example,through field research and interviews,combined with the requirements of information security management of the company,and comparing the advantages and disadvantages of the typical theory of information security,the information security management system based on P20TPDR2 model,the management system with emphasis on personnel,operation and technical cooperation work play a role through team building,standardized operation manual,simple working process,great play to play in the management of information security in the role,to avoid the occurrence of heavy tools,light management phenomenon.At the same time,according to the implementation effect of the management system,the performance evaluation index is set up.Using Delphy method and analytic hierarchy process(AHP)to define the content and index weight of the index,through the quantitative evaluation results verify the information security management system in the information security work to guide enterprises in the process of effect,improve,and constantly improve the management system of the direction.By constructing the "133" information security management system,this paper has optimized the information security management of A power supply enterprises,alleviated the information security problems faced by enterprises,and promoted the continuous improvement of information security and protection capabilities of A power supply enterprises.At the same time,by establishing the corresponding performance evaluation index,it can effectively test the advantages and the improvement of information security management in A power supply enterprises,and point out the direction for its information security construction.It also has a certain guiding significance and reference value for the information security construction of other power supply enterprises and other domestic power companies. |
PDF Full Text Request