1. The company set up an information security leading group, which is the highest decision-making body of information security, and has an office responsible for the daily affairs of the information security leading group.
2 information security leading group is responsible for studying major issues, implementing policies and formulating overall strategies. Responsibilities mainly include: according to national and industry information security policies, laws and regulations, examining and approving the overall strategic planning, management norms and technical standards of information security of the company; Determine the responsibilities of all relevant departments of the company's information security, and guide and supervise the information security work.
3. The information security leading group consists of two working groups: the information security working group and the emergency handling working group. The team leaders are all held by company leaders.
4. The main responsibilities of the Information Security Working Group include:
1) Implement the resolution of the company's information security leading group and coordinate and standardize the company's information security work;
2) According to the work deployment of the information security leading group, specifically arrange and implement information security work;
3) Organize to review the major information security work system and technical operation strategy, formulate the overall information security strategic plan, and supervise the implementation;
4) Responsible for coordinating and supervising the information security work of various functional departments and relevant units, participating in the security planning in the information system engineering construction, and supervising the implementation of security measures;
5) Organize information security inspection, analyze the overall situation of information security, and put forward security risk analysis report and preventive measures;
6) Be responsible for receiving emergency information security incident reports from all units, organizing incident investigation, analyzing the causes and scope of incidents, evaluating the severity of security incidents, and proposing preventive measures for information security incidents;
7) Report information security incidents to the information security work leading group and related departments and units at higher levels in a timely manner.
8) Track advanced information security technologies and organize information security knowledge training and publicity.
5. The main responsibilities of the emergency handling working group include:
1) to examine and approve the safety emergency strategy and emergency plan of the company's network and information system;
2) Decide to start the corresponding emergency plan, take charge of on-site command, organize relevant personnel to troubleshoot and restore the system;
3) Organize the testing and drills of information security emergency strategies and emergency plans every year.
6. The company shall designate the leader in charge of information to be responsible for the information security management of the unit, and be equipped with information security technicians. If conditions permit, an information security working group or office shall be set up to be responsible for the company's information security leading group and working group, and to implement the information security work and emergency response work of the unit.
Two. Key position
1. Set up key positions of information system and strengthen management, with system administrator, network administrator, application development administrator, security auditor and security administrator, requiring five people to be independent. Personnel in key positions must strictly abide by confidentiality laws and regulations and relevant information security management regulations.
2. The main responsibilities of the system administrator are:
1) is responsible for the operation and management of the system, and implements the detailed rules for the safe operation of the system;
2) Strict user authority management to maintain the safe and normal operation of the system;
3) Carefully record system security matters and report security incidents to information security personnel in time;
4) Supervise the safety of other personnel in the operating system.
3. The main responsibilities of the network administrator are:
1) is responsible for the operation and management of the network, and implements the network security policy and detailed rules for safe operation;
2) Configure the network parameters safely, strictly control the access rights of network users, and maintain the safe and normal operation of the network;
3) Monitor key network equipment, network ports and network physical lines to prevent hackers from invading and report security incidents to information security personnel in time;
4) Conduct safety supervision for other personnel operating network management functions.
4. The main responsibilities of the application development administrator are:
1) is responsible for strictly implementing system security policies in system development and construction to ensure the accurate realization of system security functions;
2) Before the system is put into operation, completely hand over the information related to the system security policy;
3) There is no "back door" in the system;
4) Keep the core technology of the system confidential.
5. The security auditor is responsible for auditing and supervising the events involving system security and the behaviors of various operators. Its main functions include:
1) according to the operator certificate number audit;
2) Audit according to operation time;
3) Review by operation type;
4) audit event type;
5) Log management, etc.
6. The safety administrator is responsible for the daily safety management activities, and its main responsibilities are:
1) Monitor the whole network operation and safety alarm information.
2) Conventional analysis of network audit information
3) Daily setup and maintenance of safety equipment
4) Implement the specific safety strategy formulated by the emergency center.
5) Report major network security incidents to emergency management institutions and leading institutions.