Research On Information Security Risk Management Of D City Human Resources Data Center

With the continuous development of information technology,information technology has already permeated every area of society,and information security management has become a hot topic in society.Information system security management has become a national social security issues related to social stability and economic stability of the social issues,and information security management risk identification is an important part of information security management.As a manager and operator of information system,data center of human resources and social security of D city urgently needs to improve the level of information security management and establish a sound information security management system.Based on the standard of information security management and management model,this paper focuses on the identification,analysis and control of information security management risks and proposes the corresponding information security management system construction and safeguard measures.This paper is divided into the following aspects:First of all,the paper introduces the information security management system ISO27000,the protection of information security level,the PDCA cycle method,the Hall three-dimensional structure and the P2DR2 information security management model,and the risk analysis process,risk assessment process and risk control process in the process of information security risk management are described in detail;Secondly,through the detailed system investigation and analysis of the status quo of information security management in the Data center of human resources and social security of D city,the paper mainly introduces the current status of its information system and security management,and analyzes the status of information security management and technology,Data center information security management problems analysis and summary;Thirdly,based on ISO 27000 series standards and information security level protection,the dissertation combines information security management model with standardized information security risk analysis,assessment and control process to assess assets,threats and vulnerabilities within the scope of risk assessment Identify and analyze,calculate the value of information security risk by means of quantitative calculation,form information security risk assessment report,and propose corresponding information security risk control measures;At last,based on the information security risk assessment and control measures,combined with the actual situation,the corresponding information security management system construction and safeguards for the Data center of human resources and social security of D city,implementation and effect of the measures was briefly summarized.