Many Victorian public sector agencies are now using the internet to improve the community’s access to information and to deliver services to their customers. Their use of the internet for internal purposes also continues to grow. As it does, so does the need for effective internet security to provide a reliable and problem—free environment for users, and to safeguard agency data.
This guide, and the supporting check list, serves as a practical resource for chief information officers, business managers, information technology staff and audit committees, to help assess and improve their agency’s internet security practices.
The guide sets out the main issues that need to be considered when assessing the effectiveness of security over an internet system. It provides a starting point for a planned and structured approach,at an “ overview” level, to such assessments. As agencies will have their own particular security needs and procedures, they should also consult with vendors, relevant regulatory bodies and information security organizations to obtain further information about the particular requirements of their specific systems.
This guide has been developed by the Victorian Auditor-General’s Office, drawing on work undertaken during recent audit examinations of internet security management across Victorian public sector agencies. Selected government departments and other agencies were also consulted during its development.
In producing the guide, we aim to raise awareness in all Victorian public sector agencies, Including local government councils,of good practices to address internet security threats and risks. These practices should form part of the broader security arrangements over agency information technology (IT) systems,which should address both internal and external security threats and risks.
求助高手,这是一本指南的前言,谢谢!
提高悬赏了,高手帮着看一下吧,谢谢!
本指南,和支持表单,充当首席信息官、业务经理、信息技术人员和审计委员会的一种有效资源,帮助评估和改善他们机构的网络安全的实践。
指南中列出了在评估互联网系统安全有效性时需要考虑的主要问题。它从一个纵览的层次上,为这些评估提供了一个有计划、有条理的方案的起点。由于各机构都有自己特定的安全需求和措施,他们也咨询供应商、有关监管机构和信息安全的组织,以进一步取得符合自己特定系统要求的具体信息。
本指南由维多利亚审计长办公室开发,在最近贯穿于维多利亚公共机构的互联网安全管理审计中贯彻实施。在其开发过程中,也征询的一些政府部门和其他机构的意见。
在指定本指导过程中,我们着眼于提高所有维多利亚公共部门机构的认识,包括地方政府议会,良好的实用于网络安全威胁和风险定位。这些举措构成了机构定位内外安全威胁和风险的信息技术系统的安全管理框架。
你看看翻译的像不像,像你就采用。
本指南,并支持检查清单,作为实际资源的首席信息官,业务经理,信息技术人员和审计委员会,帮助评估和改善他们机构的网络安全的做法。
指南中列出的主要议题需要时,必须考虑评估的有效性较安全的互联网系统。它提供了一个起点计划和有条理的方法,这样的评估在"概观(这个是个专业词,你自己填)"的水平。由于各机构都有自己特定的安全需求和程序,他们也应该征求厂商,有关监管机构和信息安全的组织,以获取进一步的了解,特别要求他们的具体制度。
本指南已开发维多利亚审计长办公室,在最近的审计检查互联网安全管理横跨维多利亚公共机构。选定的政府部门和其他机构也派在征询其发展。
在生产指导中,我们的目标是提高认识,在维多利亚州所有公共机构,包括地方政府议会,用最好做的法解决网络安全威胁和风险。这些做法应构成部分的更广泛的安全安排,机构的信息技术( IT )系统,而应针对内部和外部的安全威胁和风险。
有些词翻译的不贴切,自己再改下!
