According to the ** Municipal People's Government Office "notice on the inspection of government information system security" (Tianzheng Dian [2015] No. 52) document. Our town carried out a self-inspection of the security of the town's information system, and now reports as follows:
I. Self-inspection
(a) Security system implementation
1, set up a security team. Clearly in charge of information security leadership and specifically responsible for the caretaker, the security team for the management organization.
2, the establishment of the information security responsibility system. According to the provisions of the responsibility: the confidentiality team is responsible for the first responsibility for information security, the competent leader is responsible for the overall responsibility, the specific administrator is responsible for the main responsibility.
3, the development of computer and network security management system. Town website information caretaker is responsible for confidentiality management, password management, the computer enjoys the right to independent use, computer user name and boot password for its proprietary, and the provisions are strictly prohibited leakage.
(2) the implementation of security measures
1, confidential computers after confidentiality technology checks, and the installation of firewalls. At the same time, the configuration and installation of professional anti-virus software, strengthened in the anti-tampering, anti-virus, anti-attack, anti-paralysis, anti-disclosure and other aspects of effectiveness.
2, classified computers are equipped with boot passwords, by the person in charge of custody. At the same time, classified computers are not strictly authenticated and access control between each other **** enjoy.
3. The network terminals are not illegally connected to the Internet and other information networks, and there is no wireless network installed.
4. Professional antivirus software for removable storage devices is installed.
(C) emergency response mechanism construction
1, the development of a preliminary emergency plan, and with the deepening of the degree of information technology, combined with the actual town, in the stage of continuous improvement.
2, adhere to and classified computer systems designated maintenance unit to contact the organ computer maintenance matters, and agreed to give the town emergency technology to maximize support.
3, strict receipt and distribution of documents, improve the inventory, repair, numbering, signing system, and require the information manager before the end of each day to carry out system backup.
(D) localization of information technology products and services
1, the terminal computer confidentiality system and firewall, antivirus software, etc., are all domestic products.
2, official document processing software specifically using Kingsoft wps system.
3, payroll system, annual report system, etc. are the municipal government, the municipal party committee unified designated products system.
(E) security education and training
1, sent a person to participate in the municipal government organization of network system security knowledge training, and is specifically responsible for the town's network security management and information security work.
2, the security team organized a basic information security knowledge of the learning activities.
Second, the shortcomings found in the self-inspection and corrective comments
According to the specific requirements of the Notice, we have also found some shortcomings in the process of self-inspection, while combining the town's actuality, the future should be rectified in the following areas.
1, security awareness is not enough. To continue to strengthen the safety awareness of the cadres of the organization's education, improve the initiative and conscientiousness to do a good job of security.
2, equipment maintenance, update timely. To increase the line, the system and other timely maintenance and maintenance, at the same time, for the rapid development of information technology is characterized by increased efforts to update.
3, the level of security work remains to be improved. The care of information security is still at the primary level, to improve the modernization of security work is conducive to our further strengthening of computer information system security prevention and confidentiality work.
4, the work mechanism needs to be improved. Innovative security work mechanism, is the inevitable requirements of the new situation of information work, which is conducive to improving the operational efficiency of the network information work of the organization, is conducive to the further standardization of the office order.