Information Security Awareness资讯安全认知.pptVIP

Information Security Awareness資訊安全認知 Ruey-shiang Shaw 蕭瑞祥 General Secretary, CSIM Chairman, IM, Tamkang University Elicitation of Research Topics Information Security Platform Problems Why ING needs the information security platform ? What are the differences between e-learning and information security platform ? Systems Development inInformation Systems Research The Integrated Framework of Information Security Awareness Situation Awareness Research Design What is your opinion? The Evaluation Form of Information Security Awareness NIST SP800-16 Research Design What is your opinion? Conclusion Research topics elicited from projects. Extended to a integrated framework. Referred to other research fields. Be skillful at research methodologies. * * * 2006.09.29 Information Security Awareness National Information Security Project ING Information Security Project Information Technology, Learning, and Performance Journal JAY F. NUNAMAKER, JR., MINDER CHEN, and TITUS D. M. PURDIN Journal of Management Information Systems I Winter 1990-91, Vol. 7, No, 3, pp. 89-106. Information Security Awareness Platform Evaluation of Organizational Information Security Awareness Materials and Methods for Information Security Awareness 決策 行為成效 情 境 認 知 未來預測 Level 3 現況了解 Level 2 元素知覺 Level 1 系統功能 介面設計 壓力/工作負荷 複雜度 自動化 目標 預期 環境 狀況 能力 經驗 訓練 個人因素 作業或系統 因素 長期記憶 自動性 資訊處理機制 Endsley, M.R. and Garland D.J (Eds.) (2000) Situation Awareness Analysis and Measurement. Mahwah , NJ：Lawrence Erlbaum Associates, 1.2.2 I understand the meaning of ‘procedures define the technical and procedural safeguards that have been implemented to enforce the specified policies’ in the concept of ‘Policies and Procedures.’ 1.2.1 I understand the meaning of ‘IT security safeguards are intended to achieve specific control objectives’ in the concept of ‘Policies and Procedures.’ 1.2 Policies and Procedures 1.1.1 I u