数据中心客户服务项目风险分析与控制方法应用的研究
发布时间:2018-09-11 09:18
【摘要】:信息技术(Information Technology, IT)已成为经济社会发展的强有力因素,近年来更是朝着云计算、大数据等高度集成化专业化的方向发展,众多依赖信息系统进行生产业务管理的企事业单位和政府部门逐渐的倾向将IT基础设施和IT信息系统部分或全部的外包给专业化的数据中心建设和运维。承载着众多客户信息系统的数据中心的作用与地位越来越重要,然而高质量的运维管理则是数据中心的生存之道,其中如何管控好数据中心各方面存在的风险将愈发显得重要。 本文通过理论与实践相结合的方式,研究了如何全方位的对数据中心客户服务项目进行风险分析与控制的方法应用。首先依照国际和国内相关标准来建立数据中心信息安全管理体系,通过专家访谈、实地勘察、查阅文档、发放调查问卷等方法对数据中心客户服务项目中所涉及的信息资产进行风险识别、风险评估,并根据风险评估的结果进行针对性的风险控制,并持续不断的进行改进。其次通过召开风险研讨会和发放调查问卷的方法来识别数据中心客户服务项目变更所带来的风险,根据层次分析法建立风险层次结构模型并计算出各风险因素的权重,从而可以根据权重大小进行相应的风险管控。两种方法相互结合就可以更加全面的对数据中心客户服务项目进行全方位的风险分析与控制,保证在数据中心运行的客户信息系统安全稳定的运行,使客户依赖信息系统运行的各项业务管理活动达到持续性的目的。文中最后通过以某个客户实际的案例进行举例阐述,详细描述了实际工作中如何将信息安全风险管理和项目变更风险管理相结合的对数据中心客户服务项目进行全方面的风险分析与控制,从而达到客户对信息系统风险管控的要求,并验证了本文运用方法的有效性和可行性。 本文的研究意在促进数据中心风险管理水平的提高,从而提高数据中心的整体的运维服务质量,希望能够加快我国数据中心行业风险管理的步伐与科学化,为整个IT外包服务业及其它相关行业开展风险管理提供借鉴和参考依据。
[Abstract]:Information technology (Information Technology, IT) has become a powerful factor in economic and social development. In recent years, it has become a highly integrated and specialized direction such as cloud computing, big data, etc. Many enterprises and government departments that rely on information system for production management tend to outsource some or all of IT infrastructure and IT information system to specialized data center construction and operation. The role and status of the data center, which carries many customer information systems, is becoming more and more important. However, high quality operation and maintenance management is the survival way of the data center, and how to manage the risks in all aspects of the data center will become more and more important. Through the combination of theory and practice, this paper studies how to apply the method of risk analysis and control to customer service project in data center. First of all, in accordance with the relevant international and domestic standards to establish a data center information security management system, through expert interviews, field surveys, access to documents, The information assets involved in the customer service project of the data center are identified, assessed, and the risk control is carried out according to the results of the risk assessment, and continuous improvement is made. Secondly, by holding the risk seminar and issuing questionnaire to identify the risk caused by the change of customer service project in the data center, the model of risk hierarchy structure is established according to AHP and the weight of each risk factor is calculated. Thus can carry on the corresponding risk control according to the weight size. The combination of the two methods can more comprehensively analyze and control the risk of the customer service project in the data center, and ensure the safe and stable operation of the customer information system running in the data center. Enable customers to rely on information systems to run the various business management activities to achieve the purpose of sustainability. At the end of this paper, an example is given to illustrate the actual situation of a customer. This paper describes in detail how to combine information security risk management and project change risk management to analyze and control all aspects of data center customer service project. In order to meet the customer's requirements of information system risk management, and verify the effectiveness and feasibility of the application of this method. The purpose of this paper is to promote the improvement of risk management level of data center, so as to improve the overall operation and maintenance service quality of data center, and hope to accelerate the pace and scientific of risk management of data center industry in our country. For the whole IT outsourcing service industry and other related industries to carry out risk management to provide reference and reference.
【学位授予单位】:中国科学院大学(工程管理与信息技术学院)
【学位级别】:硕士
【学位授予年份】:2013
【分类号】:TP308
本文编号:2236272
[Abstract]:Information technology (Information Technology, IT) has become a powerful factor in economic and social development. In recent years, it has become a highly integrated and specialized direction such as cloud computing, big data, etc. Many enterprises and government departments that rely on information system for production management tend to outsource some or all of IT infrastructure and IT information system to specialized data center construction and operation. The role and status of the data center, which carries many customer information systems, is becoming more and more important. However, high quality operation and maintenance management is the survival way of the data center, and how to manage the risks in all aspects of the data center will become more and more important. Through the combination of theory and practice, this paper studies how to apply the method of risk analysis and control to customer service project in data center. First of all, in accordance with the relevant international and domestic standards to establish a data center information security management system, through expert interviews, field surveys, access to documents, The information assets involved in the customer service project of the data center are identified, assessed, and the risk control is carried out according to the results of the risk assessment, and continuous improvement is made. Secondly, by holding the risk seminar and issuing questionnaire to identify the risk caused by the change of customer service project in the data center, the model of risk hierarchy structure is established according to AHP and the weight of each risk factor is calculated. Thus can carry on the corresponding risk control according to the weight size. The combination of the two methods can more comprehensively analyze and control the risk of the customer service project in the data center, and ensure the safe and stable operation of the customer information system running in the data center. Enable customers to rely on information systems to run the various business management activities to achieve the purpose of sustainability. At the end of this paper, an example is given to illustrate the actual situation of a customer. This paper describes in detail how to combine information security risk management and project change risk management to analyze and control all aspects of data center customer service project. In order to meet the customer's requirements of information system risk management, and verify the effectiveness and feasibility of the application of this method. The purpose of this paper is to promote the improvement of risk management level of data center, so as to improve the overall operation and maintenance service quality of data center, and hope to accelerate the pace and scientific of risk management of data center industry in our country. For the whole IT outsourcing service industry and other related industries to carry out risk management to provide reference and reference.
【学位授予单位】:中国科学院大学(工程管理与信息技术学院)
【学位级别】:硕士
【学位授予年份】:2013
【分类号】:TP308
【参考文献】
相关期刊论文 前10条
1 刘玉雪;王章虎;;层次分析法(AHP)在风险分析与评价中的应用[J];工程与建设;2008年01期
2 严复海;党星;颜文虎;;风险管理发展历程和趋势综述[J];管理现代化;2007年02期
3 刘相锋;;层次分析法在项目风险分析中的应用[J];甘肃农业;2006年03期
4 陈升;孔晓峰;叶代亮;;ISO/27001:2005的再认识和体会[J];电力信息化;2008年07期
5 谢喜丽;;项目风险管理发展历程及趋势[J];合作经济与科技;2010年14期
6 翟雪荣;刘志刚;卞春;;信息系统信息安全风险管理的发展趋势分析[J];农业网络信息;2007年12期
7 庄剑;项目管理过程中的风险分析与控制[J];中国勘察设计;2003年04期
8 杨晓兵;刘臣;;基于AHP和因果分析法的IT项目风险因素分析[J];科技创业月刊;2006年01期
9 刘成;;基于AHP的建筑施工企业ERP实施风险分析[J];科技管理研究;2009年09期
10 程瑜琦;朱博;;信息安全管理体系标准化概述[J];认证技术;2011年05期
,本文编号:2236272
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2236272.html
