分类号密级
U D C 学校代码10500
硕士学位论文
题目 股份制商业银行信息安全战略管理研究
英文题目Researchoninformationsecuritystrategy
managementofjointstockcommercial banks
研究生姓名（签名）
指导教师姓名（签名） 职 称副教授
申请学位学科名称工商管理 学科代码 1251
论文答辩日期 20180525 学位授予日期20180611
学院负责人（签名）
评阅人姓名徐锐评阅人姓名明均仁
2018年3月10日
学位论文原创性声明和使用授权说明
原创性声明
本人郑重声明：所呈交的学位论文，是本人在导师指导下，独立进行研究工作所取
得的研究成果。除文中已经标明引用的内容外，本论文不包含任何其他个人或集体已经
发表或撰写过的研究成果。对本文的研究做出贡献的个人和集体，均已在文中以明确方
式标明。本声明的法律结果由本人承担
学位论文作者签名：日期： 2018 年06月 11 日
学位论文版权使用授权书
本学位论文作者完全了解学校有关保留、使用学位论文的规定，即：学校有权保留
并向国家有关部门或机构送交论文的复印件和电子版，允许论文被查阅和借阅。本人授
权湖北工业大学可以将本学位论文的全部或部分内容编入有关数据库进行检索，可以采
用影印、缩印或扫描等复制手段保存和汇编本学位论文
学位论文作者签名：指导教师签名：
日期： 2018年 06月11 日日期： 2018年06 月 11 日
I
摘要
金融业是现代经济的核心，信息安全战略管理则是金融业安全、健康发展的
关键所在。银行、证券、保险以及其他一些金融企业，在保障商品交易和贸易顺
利进行、促进经济发展、维护社会稳定、优化社会资源配置等方面起到重要的作
用。与传统金融业相比，现代金融业作为知识密集型产业，在组织结构、业务流
程和业务拓展等方面，充分体现了知识和信息的重要性。金融业的这种行业属性
决定了其发展必须以飞速发展的信息技术为支撑，并且不断强调信息安全、网络
安全、系统安全。金融信息化是现代金融市场的重要基础，只有推进金融信息化，
才能不断促进金融，打造我国金融企业的核心竞争力，以适应时代发展的要求
在现代信息技术环境下，国内的股份制商业银行并没有形成较为统一的信息安全
战略管理办法：在企业内部没有建立相应的独立监管机构，从而对信息安全现状
进行了解，并且监督与评价其效果、也并未建立较为全面的信息安全制度体系、
信息的安全风险评估标准以及监控平台并未统一等等
股份制商业银行在金融系统组织中属于较为复杂的组织，信息安全管理体系
也是依据复杂的战略构建体系。建立与运行相应的信息系统，对于国内股份制商
业银行来说，对银行信息的安全管理进行整体的规范，从而对银行开展的各项业
务进行协调，对银行现有的信息资产进行保护、对银行所面临的信息风险进行掌
控，进而增加银行与外部市场之间的联系度，达到组织价值的提升
在研究过程中，论文依照现有的信息安全背景以及需求，并且对国内外相关
文献进行归纳整理与分析，并且与M银行的主要现状进行结合，对信息系统的管
理提出了建议与意见，并且提出了较为详尽的战略管理策略实施方案。本次研究
主要按照信息安全的研究背景、对其理论进行阐述、对其现状进行调查、发现相
应的问题并分析、提出解决问题的方案、方案的设计与建设阶段、研究的成果以
及展望。纵观全文的实现过程，企业战略成为研究的关键所在，结合了信息安全
方面的国内外相关理论以及标准，并且从管理以及可实现的角度，研究了M银行
的整体信息安全战略，并且提出了一个与之对应的可以逐渐完善的发展战略
关键词：股份制商业银行；信息系统；安全战略
II
Abstract
The financial industry is the core of the modern economy, and the strategic management of the
information system security is the key to the security and healthy development of the financial
industry. Banks, securities, insurance and other financial businesses play an important role in
ensuring the smooth progress of commodity trading and trade, promoting economic development,
maintaining social stability and optimizing the allocation of social resources. Compared with
traditional financial industry, modern financial industry, as a knowledge intensive industry, fully
embodies the importance of knowledge and information in terms of organization structure, business
process and business expansion. The industry attribute of financial industry determines that its
development must be supported by the rapid development of information technology, and constantly
emphasizes information security, network security and system security. Financial informatization is
the important foundation of modern financial market. Only by promoting financial informatization
can we constantly promote finance and create the core competitiveness of China's financial
enterprises to meet the requirements of the development of the times. In modern information
technology environment, domestic joint-stock banks have not formed the information system
security strategy management approach is more uniform：no relevant independent regulatory bodies
in the enterprise, so as to understand the status of information security, and the supervision and
evaluation of its effect, did not establish information security system, more comprehensive
information security risk assessment standards and monitoring platform is not unified and so on.
Joint stock banks are more complex organizations in the financial system, and the
information security management system is based on the complex strategic system. The
establishment and operation of information system for the domestic joint-stock banks,
the safety management of the bank information of the whole of the standard, so as to
coordinate the business of banks, the bank's existing information assets to protect the
banks face the risk of information control, thus increasing between the bank and the
external market connection degree, to enhance the value of the organization.
In the course of the study, according to the information system security background
and existing needs, and the related literature at home and abroad were summarized and
analyzed, and the main status and XX bank are combined, and puts forward some
suggestions and opinions on information system management, and put forward the
implementation of strategic management strategy detailed plan. This study mainly
according to the theories research background, information system security discussion
and investigation, found the corresponding problems and analysis, propose solutions to
the problem, the design and construction stage, research results and the prospect of its
status quo. The implementation process throughout the text, corporate strategy has
become the key of research, combined with the security of information theory at home
and abroad as well as the standard, and from the management and can realize the angle
of study of the overall information security strategy of XX joint-stock banks, and puts
forward a can gradually improve the corresponding development strategy.
Key words：joint-stock banks； information system security strategy；security strategy
management。。。。。。