通过信息安全等级保护提升信息系统管理水平  被引量：3

作　　者：余入丽 马先平 杨雅[1] Yu Ruli;Ma Xianping;Yang Ya(State Grid Huangshi Power Supply Company Information and Communication Branch,Huangshi Hubei 435000,China)

机构地区：[1]国网黄石供电公司信息通信分公司,湖北黄石435000

出　　处：《信息与电脑》2019年第7期196-197,共2页Information & Computer

摘　　要：随着科技的进步,企业办公信息化、智能化程度显著提升,随之而来的信息安全问题日益突出。企业经营考虑信息化设备创造的利益时,需兼顾互联网开放性造成的风险。针对以上问题,国家严格规范信息系统等级保护工作流程,根据系统的重要性和影响范围划分定级,按照系统级别的不同实施区别化管理。此外,依照信息系统等级保护工作的"三同步"原则(同步规划、同步设计、同步投入运行),在信息系统应用建设的各环节进行标准化管理,规范了信息系统事件的定级、测评、备案、安全整改以及职责等工作标准,同时,明确了检查考核、管理与技术措施,促进供电企业信息专业能力不断提升,充分调动公司各专业的积极性和协调性,有效提高公司信息系统安全管理水平和保护能力。With the progress of science and technology, the degree of office informatization and intellectualization in enterprises has been significantly improved, and the information security problems have become increasingly prominent. Enterprises should take into account the risks caused by the openness of the Internet when they consider the benefits created by information equipment. In view of the above problems, the state strictly standardizes the work flow of information system hierarchical protection, classifies and classifies the information system according to its importance and scope of influence, and implements differentiated management according to the different levels of the system. In addition, according to the "three synchronization" principle of information system hierarchical protection (synchronous planning, synchronous design and synchronous operation), standardized management is carried out in all aspects of information system application construction, standardized the working standards of information system event classification, evaluation, filing, security rectification and responsibility, and at the same time, defined the inspection, assessment, management and technical measures to promote the development of information system. The information professional competence of power supply enterprises has been continuously improved, and the enthusiasm and coordination of various professions of the company have been fully mobilized, so as to effectively improve the safety management level and protection ability of the company's information system.

关 键 词：信息安全 等级保护 信息系统管理 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]