Research On Enterprise Information Security Management Evaluation

The application of information technology for enterprises to improve production efficiency,reduce operating costs,bring economic benefits at the same time,but also bring information security risks,commercial data leaks,program design defects,service paralysis,vulnerability attacks and other information security incidents occur from time to time.An enterprise wants stable operation and stable development,only by building good information security management can it lay a stable foundation for sustainable development.From the point of view of national economic development,only every enterprise to do their own information security management,do a good job in information security maintenance,create a safe network environment,can be conducive to the development of their own enterprises,so as to gradually promote the development of the national economy.How to accurately and systematically evaluate the level of information security construction is often a major difficulty in enterprise information security management.If we can do a good job in information security management evaluation,then the overall level of information security of enterprises will have evidence to follow.In this paper,enterprise A is selected as the research object for information security management evaluation.Firstly,by referring to domestic and foreign research literature and summarizing the research status,the relevant theories of information security management,evaluation and influencing factors are sorted out to lay A theoretical foundation for further analysis.Next to A initial research on enterprise information safety management,summed up A enterprise information safety management status,and then use analytic hierarchy process(ahp)and fuzzy comprehensive evaluation method is used to induce the qualitative evaluation of the reference standard,after get the fuzzy relationship matrix,cooperate the compare the weights of analytic hierarchy process(ahp),synthetic fuzzy comprehensive evaluation vector of each level as the evaluation results were analyzed,and the The evaluation results of enterprise A’s information security management are obtained.Finally,based on the evaluation results of A enterprise’s information security management,the existing problems of A enterprise’s information security management are analyzed,and suggestions for optimization and improvement are given.Through the paper,the following conclusions are drawn:(1)the information security of enterprise A has problems such as imperfect information organization structure,lack of information security management system,and weak information security awareness of enterprise employees;(2)After building the evaluation model,it is concluded that the information security level of Enterprise A is general and needs further improvement;(3)Put forward security improvement objectives around the construction of enterprise A’s information security,help Enterprise A’s information security management to further optimize,and build A security protection system in the current information age.The research provides reference for the evaluation and optimization of information security management in the same type of enterprises.