資訊科技 INFORMATION TECHNOLOGY 184 The Division continued to maintain the existing Information Security Management System (ISMS) with proper IT security controls, as it strengthened particularly the network access, communication and operational software controls by the replacement of required competent network, firewall equipment and system software. Upon the assessment during the ongoing annual visit by the British Standards Institution in September 2022, it was confirmed that the ISMS remained in compliance with the standard of ISO/IEC 27001:2013 certification. 該科繼續以適當的資訊科技安全控制措施,維護 現有的資訊保安管理系統,並通過更換所需的網 絡、防火牆設備和系統軟件,加強對網絡存取、 通信和操作軟件的管控。經英國標準協會於2022 年9 月的連續性周年審核後,確認本院資訊保安 管理系統符合ISO/IEC 27001:2013 的認證標準。 為ISO/IEC 27001:2013認證實施維護和 提高資訊保安管理系統的安全控制 資訊科技的管治 Maintenance and Enhancement of Security Controls on the Information Security Management System (ISMS) for ISO/IEC 27001:2013 Certification Information Technology Governance The existing business contingency plan for the operation of TWGHs corporate application systems is effective amid the severe spread of COVID-19 epidemic. In the event that the staff members were unable to perform normal duties at the Administration Headquarters, the Division had a set of enterprise grade teleworking solutions in place for authorised staff to access these corporate systems remotely through a secure and robust channel. The platform was ready for use in the first quarter of 2023 in case the contingency plan had to be activated. 東華三院企業應用系統現有應變計劃行之有效, 在疫情肆虐期間,本院行政總部的員工一旦無法 於辦公室正常履行職務,仍能透過由該科採用的 企業遠程辦公室解決方案,讓已獲授權員工通過 安全可靠的渠道遠程存取本院的應用系統。該平 台已於2023 年第一季度準備就緒,以備適時啟 動應變計劃。 為東華三院企業應用系統的應變計劃實 施遠程辦公平台 Implementation of a Teleworking Platform in the Contingency Plan for the Operation of TWGHs Corporate Application Systems 個人電腦支援數目 Number of Personal Computers Supported 網絡及互聯網絡服務支援數目 Number of Local Area Networks and Internet Services Supported 不包括置於中、小學及東華學院作教學用途的電腦及網絡。 All computers and IT networks installed at the primary schools, secondary schools and Tung Wah College for teaching purpose are excluded. 不包括部分非資訊科技科直接管理的網絡及互聯網絡服務。 The network and internet services which are not directly administered by the Information Technology Division are excluded. 362 2,758 854 726 2022/2023年度為各科提供系統支援服務 System Support Services Provided for Various Divisions in the Year 2022/2023 醫務科及相關服務單位 Medical Division and Related Service Units 教育科及相關服務單位 Education Division and Related Service Units 行政總部 Administration Headquarters 社會服務科及相關服務單位 Community Services Division and Related Service Units 35 12 - 55 20 3 - 1 資訊科技伺服器支援數目 Number of IT Servers Supported 個人電腦支援數目 Number of Personal Computers Supported 資訊科技伺服器支援數目 Number of IT Servers Supported 網絡及互聯網絡服務支援數目 Number of Local Area Networks and Internet Services Supported 4,700 2,758 55 726 854 12 3 1 362 35 20 (58.68%) (53.92%) (15.45%) (18.17%) (11.76%) (12.5%) (4.17%) (7.70%) (34.32%) (83.33%) 102 24 台 台 台 sets sets sets 合計Total 合計Total 合計Total 醫療科及相關服務單位 Medical Division and Related Service Units 教育科及相關服務單位 Education Division and Related Service Units 社會服務科及相關服務單位 Community Services Division and Related Service Units 行政總部 Administration Headquarters overall security control on the current IT server infrastructure, and revamped the IT network under the scope of Information Security Management System (ISMS) for ongoing improvement.
RkJQdWJsaXNoZXIy MTkxODY5Mg==