Governance Report 管治報告 香港教育大學 2022-2023 年報 53 Risk Themes 風險類別 Risk Statements 風險陳述 Mitigation Plans 減低風險計劃 Risk Treatment 風險管理 Information systems and cyber security 資訊系統及網絡 保安 • Fast-changing technological landscape affecting EdUHK's ability to execute digital initiatives such as adoption of artificial intelligence technologies in learning and in effectively implementing safeguards to protect against risks of information systems and personal data breaches • 科技發展瞬息萬變,影響教大執 行不同數碼計劃的能力,例如在 學習方面採用人工智能科技,以 及防範資訊系統和個人資料外洩 風險措施的效能 • Allocate manpower to explore new technologies and technology trends for new ideas on digital initiatives • Update and implement new cyber security measures to safeguard information systems and IT infrastructure • Provide users with cyber security and personal data protection training through workshops and newsletters • 分配人手,探索新科技及新趨 勢,以取得數碼發展方面的新意 念 • 升級及實施新的網路安全措施, 保障資訊系統和網絡基建 • 透過工作坊和新聞通訊,為用戶 提供網路安全和保障個人資料方 面的培訓 • Studied new technologies for executing digital initiatives • Conducted regular reviews on IT security policies and their effectiveness, and updated them when necessary • Conducted regular security audits on IT infrastructure and IT assets, e.g., for vulnerabilities, patching level, etc. • Assessed security awareness of users through mock phishing exercises and enhanced users’ awareness through training • 學習新科技,以推行各種數碼舉 措 • 恆常檢視資訊保安政策及其有效 性,並按需要進行升級 • 定期審視網絡基建及網絡資產, 例如漏洞及修補程式等級等 • 透過突擊檢查,例如模擬釣魚郵 件,提高用戶安全意識
RkJQdWJsaXNoZXIy Mjk0NjMy