还剩16页未读,继续阅读
本资源只提供10页预览,全部文档请下载后查看!喜欢就下载吧,查找使用更方便
文本内容:
信息系统管理程序
1.目的Purpose:说明信息系统之采购、维护、管制,以确保对信息系统进行有效监控,保障信息安全Explain procurement,maintenance,control of information system,in orderto controleffectivelyof the information systemand ensurethe informationsecurity,
2.适用范围Scope:
2.1公司现有信息系统Companys existing information system
2.2公司外购之软硬件及外包之各项信息服务The information service andoutsourcing hardwareand software.
3.信息管理制度Information management system
3.1资产管理Asset Management
3.
1.1采购Procurement
3.
1.
1.1需求部门提出申购请求,并说明其要求,经IT部统一确定具体配备后,方可进行采购Demand departmentproposed purchase request,and therequest,the IT department todeterminethe specificequipment,and topurchase.所有软件及各项专业信息服务的采购应在相关部门配合下,由IT部主导负责All thesoftware and all kindsof professionalinformation serviceFollowthe principleof storage,and requiresplanning properly,make thefilehierarchy.
3.
3.2上网Surf the Internet
3.
3.
2.1因业务需要,需上网用户申请由公司高层授权后,由IT部为起开通InternetoIf needany business needs,Internet usersneed to apply to authorized by the company,open byIT Dept.
3.
3.
2.2任何职员皆不得浏览黄色反动或其它内容不健康的网站,更不得私自下载相关资料,以公司名义订阅诸如免费邮件杂志之类的服务,违者重罚Any memberof thestaff are not allowto browseyellow reactionary or othercontentis nothealthy,can notdownload therelated informationprivately,subscribe tosuchfree magazinesemail servicesin the name ofa company.
3.
3.
2.3防火墙是保护公司免受外界网络偷袭的重要工具,IT部职员不得擅自改变其配置,如需改变,需经部门主管同意Firewall isan importanttool toprotect companiesfrom outsidenetwork attack,ITstaff shall not arbitrarilychange theconfiguration,if need to change,need theconsent of the department head.
3.
3.3电脑设置的更改Change the computer settings
3.
3.
3.1使用人员不得擅自改变原有电脑软/硬件设置,所有设置的改动必须提出合理理由,并由信息管理人员负责更改The use of personnelare not allowed to change the original computersoft/hardwaresettings,all theconfiguration changes must be reasonable grounds,and changebythe information management personnel.电脑设置更改所指的范围1登录表2重要的ini文槽3网络4打印机、上网装置及其它外设5其它将对系统性能有影响的改动The scopeof computer settings referto:1login Table2important inidocument3network4printer,Internet devices and other peripherals5other changeswillhave animpact on the system performance.
3.
3.4其它other
3.
3.
4.1严禁安装,玩任何游戏Do notinstall,play anygame.
3.
3.
4.2下班之后,IT部须检查相应设备并确认无隐患之后,锁好相应设备及微机房,绝不允许任何人独逗留在信息室After work,IT departmentshall checkand confirmthe corresponding equipment hiddentroublefree,lock thecorrespondingequipmentand computerroom,will neverallowanyone toonly stay in theinformation room.Information managementsystem
1.Purpose:The informationsystem of the procurement,maintenance,control,in orderto ensureeffectivemonitoring ofinformation systems,the protectionofinformationsecurity.
2.Scope:
2.1Company sexistinginformationsystems.
2.2outsourcing ofhardware,software andoutsourcing services.
3.Information managementsystem
3.1Asset Management
3.
1.1Procurement
3.
1.
1.1Demand departmentpurchaserequest,and itsrequirements,identifyingspecific with the IT department unifiedbefore purchasing.
3.
1.
1.2All software and professionalservices procurementin cooperationwith therelevant departments,led by the IT department isresponsible for.
3.
1.
2.3appraisal softwareand informationservices shouldfocus onto testitssafety,versatility,general compatibilitywith existingsystems and servicesResponse speed,ease ofuse.
3.
1.2Consuming
3.
1.
2.1In additionto thecommon officesoftware,andavariety ofother softwareinstalledby theuser departmentstoapplyaudit by the IT department andperformthe installation.
3.
1.
2.2If acomputer deviceno longerhas valuein use,but canstill continueto use,the deviceshould be handed over to the IT department,conducted bythe ITdepartmentat Management.
3.
1.3routine maintenance
3.
1.
3.1computer hardwareand softwarefailure occurs,you should immediatelyterminate yourcomputers operating,and notifyIT staff,unless there is absolutecertaintytroubleshooting NoShall notrepair itself,so asnot toexpand.
3.
1.4Maintenance System
3.
1.
4.1computer usersis thedirect responsibilityof maintenancepeople shouldtakegood careof yourcomputer andperipherals.
3.
1.
4.2shall notpossess mobilecomputers and related equipment,more shall notpossess pluggablerelated equipment,dismantling the computer,if unusual,it istimelyNotify the IT department.
3.
1.
4.
31.
4.3should payattention to maintaining thecleanliness of computerappearance often wipe notuse the computer toturn off the power.Power switch,usingthe keyboard,mouse Needlessto vigorouslystandard,and otherperipherals.
3.2Data securitymanagement
3.
1.1Virus PreventionThe
3.
2.
1.1source of the virus,mainly in the followingseveral ways:floppy disks,Internet downloads,e-mail.
1.
2.
1.2All computer,such asnon-special needsare notreserved to the floppy diskdrive and CD-ROM drive.External disksincluding floppy disk and CD-ROM
3.
2.
1.3shall not be broughtinto the company,more may not bedisk withfactory.
3.
2.
1.4All sourcesunknown program,are notallowed to install anduse,if itproves necessary,the auditbythe IT department and confirmbefore usenon-toxicafter.
4.
2.
1.5assigned mailbox,receive asuspicious e-mail,should notifythe ITdepartmentfor the first timefor processing.
5.
2.
1.6principle,each computerare requiredtoinstallthe anti-drug programbythe IT staff responsiblefor updatingthe viruscode,and the need toexecutethe programautomatically.
6.
2.
1.7Do notuse,write yourown theillegal harmbusiness datasecurity ofallkinds ofprocedures.
3.
1.2Virus Treatment
1.
2.
2.1as suspicious phenomenon should immediately stop the workand notifytheIT departmentfor thefirst time,to facilitatethe IT department dealtwithaccordingly.
3.
2.
2.2IT Ministryreceived therelevant alerts,need anti-virus beforetherelated important business databackup and disconnect associatedwith thecompanysnetwork Connection.
4.
2.
2.3,if any,can notsolve the virus,you should notice theuse ofpersonnelexposed tocomputer,and orderedthat itshould notuse the computer,and hasBillionGarment Guangzhou Limited informationmanagementsystem version number:
1.0Effective date:2010-8-2Pages:23Preparation:Kingdom redand approval:Back upimportant data on the computer after thecomputerdisk formattingor payprofessionalinformation companyprocessing.
3.
1.3information confidential
3.
2.
3.1disk usageThe
3.
2.
3.
1.1company informationleaks Network,document copying,printing,theft,impersonating anotherperson login.
3.
2.
3.
1.2copy datarequired diskcan notuse ourown disk,you need to be obtainedfrom the IT departmentor designated management department.Before use,requiredby the IT Ministryconfirmed non-toxic.After thecompletion of the work,the ITstaffsupervision,the copyof thefile onthe diskdata deleted,and thusBankconfirmed registration,the diskcross the ITdepartmentor designated managementdepartment.
3.
2.
3.
1.3own U disk into the plantor portableUdiskfactory is strictlyprohibited.
3.
2.
3.2Internet use
3.
2.
3.
2.1All use of thecomputer to the Internet,are requiredto gothroughthe firewall to theInternet,no personshall secretlyset upa proxy IP.
3.
2.
3.3network filesystem
3.
2.
3.
3.1departments ofcomputer useprocessingbusiness datamust be stored ona network file server,and specific storage pathbyIT personnelspecified.
3.
2.
3.
3.2a password system should be properlyformulated,non-information officerassignedpasswords to others,non-peep,decipher,guess othersPassword Do not stealother peoples accountslogin corporatenetwork.
3.
2.
3.
3.3To deleteimportantbusiness documents,should becareful.Deleted,youshould immediatelygo to the〃Recycle Bin〃view,in whichBecompletely deleted.
3.
2.
3.4Encryption
3.
2.
3.
4.1For thecompany datais encrypted,must be reported bythedepartmentheadapproval andpassword informthe specified management departmentand ITdepartment,Passers passwordchange shallagain reportedto thedesignated managementdepartmentand the ITdepartment.
3.
2.
3.
4.2employees leaveor transfer,should bedone to the handoverof thepassword.This handoveris required by itsdepartment directoror managerforverification toconfirm.
3.
2.
3.5Other
3.
2.
3.
5.1allowed tobe installedusing anythe eavesdroppingnetwork or remoteprocedures manipulatingothers computers,without written consentof the ITdepartment,The machineresources may notbeshared with others.
3.
2.
3.
5.2When touse personnelneed to leave yourcomputer,such asthe timeofdeparture lessthan15minutes,should closebusiness data.
3.
2.
3.
5.3Whether toleave the workplace,how longis requiredprintouts andotherdata upto notallow long-term exposure tothe table tocontribute toreducingthe numberAccording peekprobability,important documentswill notoutput totheto otherdepartments printerprint outputif itprovesnecessaryto otherdepartmentsprinter inAfter the print jobis immediatelytotheprinter wherethe departmenttorecover intime prints.
3.
2.4Data Security
3.
2.
4.1of the same document name,maynothave multipledifferent versionsof content.When thesame datacontent,should nothave moredifferent from the nameof thedocument.
3.
2.
4.2IT Departmentshould duplicatebackup of company dataevery day,a storeonthe servermachine,the othershould be stored on another serverOn.
3.
2.
4.3s importantbusiness applications,such asEmail andWeb servermust bethe focus ofregulatory diligentbackup.
3.3Other managementsystem
3.
3.1Computer Content
3.
3.
1.1Private
3.
3.
1.
1.1private datacan notbe storedonthecompanys server.
3.
3.
1.
1.2private datashall nothave anyintroduction disturbing content,and maynotbe printed.
3.
3.
1.2Company Profile
3.
3.
1.
2.1store need to followdistinct aforementionedrelated storageprinciplesand requirementsfor properplanning,so thefile level.Billion GarmentGuangzhouLimitedinformationmanagementsystemversionnumber:
1.0Effective date:2010-8-2Pages:3of3Preparation:Kingdom redand approval:
3.
3.2Internet
3.
3.
2.1due tobusinessneeds,you needInternet userapplication authorizedbycompany executives,fromtheopening of theInternetbytheITdepartment.
3.
3.
2.2any staff are maybrowse thewebsite yellowreactionaryorother unhealthycontents,shallnotpossess todownload therelevant information,thenameof thecompanySubscribers such as freee-mail magazinelike services,and offendersaresubject toheavy penalties.
3.
3.
2.3firewall isan importanttool toprotect thecompany fromthe outsidenetworkattack,theITdepartment staffare notallowed to change itsconfiguration,For achange,the need to Bydepartment headsagree.
3.
3.3computersettingschanges
3.
3.
3.1use ofpersonnel willbe allowed tochangetheoriginalcomputer hardware/software settings,all settingchangesmustbereasonablegrounds bytube Themanagementpersonnel responsiblefor thechange.
3.
3.
3.2computers settochangewithin themeaning ofthe range:1Login2important inidocument3network4printers,Internet accessdevicesandotherperipherals5Other changeswill affectsystemperformance.
3.
3.4Other
3.
1.
1.1to noninstallation,play anygame.
3.
1.
1.2after work,IT mustcheck theappropriate equipmentand theappropriateequipment andcomputer roomsafter confirmingthat nohidden,locked,and neverallowanyone tosingle Alonestayin theinformationroom.procurement should be withthe coordinationoftherelevantdepartments,the Ministryresponsiblefor IT.考核软件及信息服务时,应重点检验其安全性、通用性、一般性,与现有系统的兼容性及服务的响应速度,使用上的易用性Evaluation ofsoftwareand informationservice,shouldbethefocusof inspectionofits safety,general,response speedand compatibilityandserviceoftheexistingsystem,ease ofuse.
3.
1.2领用use
3.
1.
2.1除常用办公软件外,其它各种软件的安装,需由使用部门提出申请,由IT部审核并执行安装Besides thecommon officesoftware,other softwareinstallation,need toapply bytheuseofdepartment,performed bytheITdepartment toexamine andinstall.若某电脑设备已不再具有使用价值,但仍可继续使用,应将该设备移交至IT部,由IT部进行处理If acomputer equipmenthas nouse value,but cancontinue tobe used,the equipmentshouldbehandedover totheITdepartment,processed byIT.
3.
1.3日常维护routine maintenance
3.
1.
3.1电脑发生软硬件故障时,应立即终止电脑作业,并通知IT人员,除非有绝对把握解决故障,否则不得自行修理,以免使问题扩大Computer softwareand hardwarefault,should immediatelystop thecomputer operation,and notifytheIT personnel,unless thereis sureto solvethe fault,otherwise cantrepair byself,so thatthe expansion.To avoidthe problemsexpand
3.
1.4保养制度Maintenance System
3.
1.
4.1电脑使用者是直接的保养责任人,应爱护电脑及外围设备Computer usersare responsiblefor maintenancedirectly,should carefor thecomputerand peripheralequipment.不得私自移动电脑及其相关设备,更不得私自插拨相关设备,拆卸电脑,如有异常问题,应及时通知IT部staffare notallowed to movethecomputerandrelatedequipment,more can not plugequipment,remove thecomputer,if abnormal,should informtheITdepartment.应注意保持电脑外表洁净,时常擦拭,不用电脑时要关闭电源开启电源开关、使用键盘、鼠标及其它外设时勿需大力Attention shouldbe paidtomaintainthecomputerkeep clean,oftenwipe,computerneed toshut offthe powerwhen dont need touse.Turn onthe powerswitch,theuse ofkeyboard,mouse andotherperipheralswithout vigorously.
3.2数据安全管理Data securitymanagement
3.
2.1病毒防范Virus Prevention
3.
2.
1.1病毒的来源,主要有以下几条途径软磁盘、Internet下载、电子邮件The sourceofthevirus,mainly inthe followingways:floppydisk,Internet download,email.所有电脑,如非特别需要,皆不得保留软磁盘驱动器及光盘驱动器All thecomputer,with nonspecial needs,arenotallowed toretain thefloppy diskdriveandCD-ROM drive.
3.不得将外部磁盘包括软盘及光盘带进公司,更不得将公司磁盘带出厂Shall notbring theexternal diskincluding thefloppydiskandCD-ROM intothecompany,and bringout offthecompany.
3.
2.
1.4所有来源不明程序,均不得安装使用,如确需使用,需由IT部审核,并确认无毒之后方可使用All theunknown sourceprocedures,arenotallowedtoinstall anduse,use asneeded,required bytheITdepartment toexamine,and confirmthe non-toxic beforeuse.
3.
2.
1.5公司分配的邮箱,如收到可疑邮件,应于第一时间通知IT部进行处理The mailboxdistribute bycompany,if receivedsuspicious mail,should notice theIT processingthefirst time.
3.
2.
1.6原则上,每台电脑皆须安装反毒程序,由IT人员负责更新病毒代码,并需自动执行该程序In principle,each computermust installantivirus program,ITpersonnelresponsiblefor updatingtheviruscode,and automaticexecution ofthe program.
3.
2.
1.7严禁使用,自行编写违害公司业务数据安全的各类程序It isprohibited touse,write theirown breachof securityservice dataagainstcompanies ofvarious procedures.
3.
2.2病毒处理Virus Treatment
3.
2.
2.1如发现可疑现象,应立即停止该项工作,并于第一时间通知IT部,以利IT部作相应处理If findsuspiciousphenomenon,shouldimmediatelystopthework,andinformthe ITdepartmentinthefirsttime,so thattheITdepartment canmake correspondingprocessing.
3.
2.
2.2IT部在接到相关警讯后,在杀毒之前需对相关重要业务数据进行备份,并断开与公司网络的联接IT Dept,after receivingthe warningrelated,in anti-virus beforetheneedfor backupof important data,anddisconnectthe connectionwiththecompany network.
3.
2.
2.3如有不能解决的病毒,应通知该染毒电脑的相关使用人员,命其不应再使用该电脑,并在已将该电脑上重要数据备份之后,将该电脑磁盘作格式化或交专业信息公司处理If thevirus cannotsolve,noticetherelevant personnelwhose computerwas infected,ask themdo notuse thecomputer,and afterthe backupofimportantdataonthecomputer,thecomputerneed todisk formatsor handovertoprofessional InformationCompany.
3.
2.3资料保密information confidential
3.
2.
3.1磁盘使用disk usage公司资料泄密的主要途径是网络、文档复制、打印、偷窃、仿冒他人登录The mainway ofcompany informationdisclosure isthe network,copy,print,theft,counterfeit otherlogin.拷贝数据所需磁盘,不能使用自有之磁盘,需向IT部或指定管理部门索取使用前,需由IT部确认无毒完成工作之后,须在有IT人员监督的情况下,将该磁盘上所抄的档案数据删除,并进行相关确认登记工作后,该磁盘交IT部或指定管理部门.disk forcopy neededdata,can tuse itsown disk,needtobeobtainedtotheITdepartment or designatedmanagementdepartment.Before use,needtoconfirmednon-toxic byIT Department.Having finishedwork,must deletedata copyofthefileson thisdisk underthe supervisionof ITpersonnel,and confirmthe registrationworkby relatedrecord,give thedisk toITdepartmentordesignatedmanagementdepartment.
3.
2.
3.
1.3严禁自带U盘入厂或携带U盘出厂Forbidden tobring Udisk intothe factoryor carryingthe Udisk outoffthefactory.
3.
2.
3.2Internet使用Internet use
3.
2.
3.
2.1所有使用Internet之电脑,皆须经过防火墙来上网,任何人不得私自设置代理IPoAll useInternet computer,must tothrough afirewalltosurf theInternet,no oneisallowedtoset theproxyIP.
3.
2.
3.3网络文件系统Network filesystem
3.
2.
3.
3.1各部门的电脑使用人员所处理的业务数据均需存放在网络文件服务器上,具体存放路径由IT人员指定The business data ofvarious departmentsuse thecomputer processingshall bestoredon thenetworkfileserver,specificstoragepath specifiedbytheITstaff.应妥善制定密码制度,严禁将信息人员分配的密码告知他人,严禁偷看、破译、猜测他人密码,严禁盗用他人的账户登录公司网络Should beproperly setpasswordsystem,no informationpersonnel assignedto thepasswordto others,no peeking,decipher,guess otherspassword,isstrictlyprohibitedto stealotherpeoplesaccount tologin networkofcompany.
3.
2.
3.
3.3如需删除重要业务文件,应谨慎从事删除之后,应立即转到“资源回收筒”查看,并在其中将其彻底删掉To deletean importantbusinessdocuments,shouldbecautious.After thedeletion,Should immediatelygo tothe RecycleBin〃and check,and completelydeleted it.
3.
2.
3.4加密Encryption
3.
2.
3.
4.1如需对公司数据进行加密,需报经部门主管批准,并将密码告知指定管理部门及IT部,中途须对密码进行更改时,须再次报指定管理部门及IT部.If youneedtoencrypt data,needtobereportedtotheapproval ofthe DepartmentManager,and givea passwordtoadesignatedmanagementdepartmentandITdepartment,make changesin half-way,shall bereported againspecifiedmanagementdepartmentand ITdepartment.
3.
2.
3.
4.2员工离职或调职时,需做好密码的交接工作此交接工作需由其部门主任或经理验证确认Employee turnoveror transfer,needtotransfer goodpasswords work.The handoverworkrequiredbythe directoror manageroftheverification andvalidation.
3.
2.
3.5其它others
3.
2.
3.
5.1严禁安装、使用任何通过网络进行窃听或远程操控他人电脑之程序,未经IT部书面同意,不得与他人分享本机资源Donotinstall anyprogram,useofcomputer hackingorremotecontrol otherscomputerthrough thenetwork,without thewrittenconsentof ITdepartment,maynotsharethe resourceswithothers
3.
2.
3.
5.2当使用人员需离开电脑时,如离开时间少于15分钟,应关闭业务数据When theuser leavesthecomputer,if leavingtime lessthan15minutes,should closethebusinessdata.
3.
2.
3.
5.3无论离开工作场所多久,均需将打印件及其它数据收拾好,勿使长久暴露于桌台,以利减少数据被偷看机率,重要文档不要输出到其它部门打印机上打印,如确需输出到其它部门打印机,在执行完打印工作后,应立即到打印机所在部门及时收回打印件No matterhow longtoleavetheworkplace,thereisa needto puttheprintand otherdatapack,do notallow themexposuretothetablelong,in orderto reducetheprobability ofdata peeped,important documentsdo notoutput inother departmentssprinter,if neededto outputtootherdepartments printer,aftertheprint out,shouldimmediatelytotheprinter departmentrecovery theprint timely.
3.
2.4数据保全Data preservation
3.
2.
4.1同一文槽名,不得有多个内容不同的版本当数据内容相同时,不得有多份不同名的文档The samedocumentname,shouldnotbe differentversions.When thedata contentisthesame,there shallbe nomore thana documentwith thatname.
3.
2.
4.2IT部应每天对公司数据进行两份备份,一份存放在服务器本机上,另一份应存放在另一服务器上The ITdepartment shouldmake twocopies ofdata in company everyday,a storedonthe server ofcomputer,another shouldbestoredonanotherserverOn the.
3.
2.
4.3公司重要的业务应用,比如Email及Web服务器,均需重点监管,勤于备份Our companyimportant application,suchasEmail andWeb server,are requiredtofocus onsupervision,and backup.
3.3其它管理制度Other managementsystem
3.
3.1电脑内容Computer content
3.
3.
1.1私人资料Personal information私人数据,不能存放到公司服务器上Private data,cannotbestoredintheserverofcompany.私人数据不得有任何引人不安的内容,并且不得打印Personal datashallnothave anydisturbingcontent,and cant printincompany.
3.
3.
1.2公司资料Company information
3.
3.
1.
2.1存放需遵循前述有关存放原则,并要求妥善规划,做到档案层次分明。