大规模信息系统涉及到的资产种类多、数量多、分布范围广且网络结构复杂,在相关风险评估及等级测评实践中遇到了效率低下、结果不全面、灵活性差等问题。提出一种基于层次分析法的大规模信息系统风险评估方法。该方法结合大规模信息系统的特点,以层次分析法为基础,引入节点分类、风险调整等流程实现了定性与定量相结合的风险评估,有效解决了上述问题,为大规模信息系统的风险评估及等级测评工作提供了方法,同时为提高大规模信息系统等级测评的结果判定的准确性提供了思路。%The diverse category,large quantity and wide distribution of the assets are what the large-scale information system involved in, its network structure is complex as well,in the practice of related risk assessments and rank evaluation,it encounters the problems of low efficiency,incomprehensive result and poor flexibility,etc.In this paper,we present an AHP-based large-scale information systems risk assessment method.With the characteristics of large-scale information system combined,this method takes analytic hierarchy process as the basis,and introduces the processes including node classification and risk adjustment to have implemented the risk assessment with qualitative and quantitative combination.The method effectively resolves the problems listed above and provides an approach for risk assessments and rank evaluation of large-scale information system.Meanwhile it also provides a thought for improving the accuracy of the results judgement on the rank evaluation of large-scale information system.
展开▼