本個案為探討雲端資訊服務產業資訊安全管理與商業營運模式之資訊委外廠商與雲端資安企業合作成為資訊解決方案服務供應鏈,近來企業快速數位轉型,伴隨著智慧行動裝置出現及高速行動無線網路快速發展下,更驅使網際網路發展有別於以往不一樣的應用與服務,如何維運龐大又複雜的資訊系統,如何整合日新月異的雲端資安需求,對企業來說都將面臨很大挑戰,企業為了簡化及降低維運管理成本,考量資訊委外己是企業評估的主要因素。
本文研究流程先透過雲端資訊服務產業背景現況與資安技術發展重點議題之文獻進行蒐集並針對於企業依 11 個要項評估資訊委外服務廠商如:1、持續營運 2、企業風險 3、資訊安全 4、成本 5、成熟度評量 6、組織架構 7、管理程序 8、科技整合能力 9、應用開發 10、平台優化 11、網路模組化以上項目為主要考量,進而運用深入訪談法來分析、評估其資訊委外服務廠商。故本研究之結論與未來研究方向之建議能提供企業以決策者角度運用資訊委外服務模式並提供全方位資訊服務解決方案,利用資訊技術資源整合,借力使力的快速擴展市場機會並協助企業經營,同時企業除了快速數位轉型之外,期望對未來創新科技,創造企業營收,降低成本,服務品質提昇,業務擴展有所貢獻。

This case study aims to explore the cloud information service industry, the
information security management and business operation model of information
outsourcing companies and cloud security enterprises to cooperate to become the
information solution service supply chain. The recent rapid digital transformation of
businesses, accompanied by the emergence of smart mobile devices and the rapid
development of high-speed mobile wireless networks, it also drives the development of
Internet applications and services that are different from the past, how to maintain large
and complex information systems , how to integrate the ever-changing technology of
digital transformation and the rapidly growing demand for cloud security will be a great
challenge for enterprises. In order to simplify and reduce the cost of maintenance and
management, outsourcing of information service is already a major factor in business
evaluation. In order to simplify and reduce the cost of maintenance and management
outsourcing of information service is already a major factor in business evaluation, the
main consideration of the enterprise is to evaluate the information outsourcing projects
according to 11 essential items.
The research process of this paper is to through the cloud information service
industry background status and information security technology development key
issues of literature collection. It also evaluates the information outsourcing service
provider for the enterprise according to 11 essential items, Such as : 1. Continuous
Operation 2.Enterprise Risk 3. Information Security 4. Cost 5.Maturity Assessment
6 .Organizational Structure 7. Management Process 8. Technology Integration
Capability 9. Application Development 10.Platform Optimization 11. Network
Module.
The above items are the main considerations, and then the in-depth interview
method is used to analyze and evaluate the information outsourcing service providers.
The conclusions of this study and the suggestions for future research directions
can provide enterprises with comprehensive information service solutions by using
the outsourcing service model from the perspective of decision makers, by integrating
information technology resources, leverage the strength of the rapid expansion of
market opportunities and assist the business operation, in addition to rapid digital
transformation, expectations for the future innovation of technology, revenue creation,
cost reduction, service quality improvement and business expansion.

一、中文部分
1. IThome, 2020, 數位轉型攻略:後疫時代企業生存法則
https://webinar.ithome.com.tw/
2. iThome,2018, 面對現今威脅,雲端服務安全需聚焦 4 大面向
https://www.ithome.com.tw/news/125676
3. ETtoday, 2020, 多數企業居家上班「急就章」果核數位提 4 大隱憂,
https://finance.ettoday.net/news/1686697?redirect=1#ixzz6aM4LjMqB
4. 工研院資通所,2017, 台灣雲端運算之現況與未來發展,
https://ictjournal.itri.org.tw/Content/Messagess/contents、
aspx?&MmmID=654304432061644411&CatID=654313611224236437&MSID=746
520167134306065
5. 北美智權報(2017),從國際大廠趨勢看台灣 ICT 產業發展方向,
http://www.naipo.com/Portals/1/web_tw/Knowledge_Center/Industry_Economy/IPN
C_171005_0703.htm
6. TechNews,2017, IDC 發布 2018 年台灣 ICT 市場十大趨勢預測,
https://technews.tw/2017/12/01/idc-2018-taiwan-ict-market-trend/
7. MicroFocus, 2017, 資訊治理:挑戰與解決方案,

https://www.microfocus.com/zh-
tw/media/flyer/information_governance_challenges_and_solutions_flyer_tw

8. 領導力企業管理顧問有限公司,2016,ISO 22301 BCM 營運持續管理系
統, https://www.isoleader.com.tw/home/iso-coaching-detail/ISO22301-BCM
9. TURCERT 技術控制和認證公司,2018, ISO 31000 企業風險管理系統,
https://www.sertifikasyon.net/zh-TW/detay/iso-31000-kurumsal-risk-yonetim-sistemi-
nedir/
10. SGS,2019, ISO 27001 - 資訊安全管理系統,
https://twap.sgs.com/Trainsys/iso27001/iso27001、html
11. Nutanix,2019,Nutanix 企業雲新功能:總體擁有成本(TCO),
https://nutanix.martech-blog.com/2019/02/25/nutanix 企業雲新功能%EF%BC%9A
總體擁有成本%EF%BC%88tco%EF%BC%89 一覽表-2/
12. 國土及公共治理,2019, 政府機關資安治理成熟度評估機制,
https://ws.ndc.gov.tw/Download.ashx?u=LzAwMS9hZG1pbmlzdHJhdG9yLzEwL3Jl
bGZpbGUvMC8xMzExMi9kMGY2N2Q2YS02Yjk2LTRiOGQtOTRhZS01ZDU2Yz
liYzIyODMucGRm&n=5pS%2F562W5paw55%2BlMDQt5pS%2F5bqc5qmf6Zec6L
OH5a6J5rK755CG5oiQ54af5bqm6KmV5Lyw5qmf5Yi2LnBkZg%3D%3D&icon=.p
df
13. TrendMicro,2020, 雲端資安:重要觀念、威脅與解決方案,
https://blog.trendmicro.com.tw/?p=64474
14. 國家發展委員會,2020, 國家發展計畫(110 至 113 年),
https://www.ndc.gov.tw/News_Content.aspx?n=114AAE178CD95D4C&s=15867684
BCC9E703
15. 行政院國家資通安全會報,2017,資安產業發展行動計畫(107-114 年),
https://nicst.ey.gov.tw
16. 江建基,2005,資訊委外服務的機會與挑戰,淡江大學
17. 呂震國,2012,資訊委外服務專案之風險管理研究-資訊服務業之個案探
討,元智大學
18. 楊國照,2011,影響資訊委外服務品質之關鍵因素—以校園資訊服務為
例,中原大學
19. 彭弘賓,2010,植基於 ISO27001 探討企業資訊委外服務的資訊安全管
理,世新大學
20. 胡為君, 2012, 雲端資安與隱私-企業風險應對之道
21. MIC,2019,資訊服務業要審慎因應數位轉型的挑戰