摘要 |
A method for operating information security accomplishment indexes depending on the introduction of information security management system is provided to facilitate range setting of information protection management system through the information protection present condition diagnosis. Security policy and security procedure are revised(T16). Control is implemented in the task relating to the improved item relating to the control execution(T17). After the information protection result index is drawn based on the present condition diagnosis analyzed result, the present condition diagnosis analyzed result is drawn through measurement of the controlling effect according to the information protection result index and level(T22, 21-7). After the improvement plan is formulated through the present condition diagnosis analyzed result, the quantized security activities result is drawn through the application of the information protection result index of the improvement plan(28-1). |