The development of encrypt anti-eavesdropping for enterprises communication, of course, is now the trend. Treats to information system security are increasing today. Enterprises must strengthen their own information security protection and establish sound security mechanisms to guard against external and internal information security threats. The construction of enterprise’s information security system will become the necessary guarantee for enterprises. According to studies, for all enterprises who lost their data due to security failure, 80% of them bankrupt within 1 year.
From an enterprise perspective, information security risk control needs to cover the entire organization, including management, operations, personnel and IT systems. However, the traditional way can not give a panoramic view of the organization’s information security risk management. The construction of both the technology and management is based on the result of the risk assessment, but there is no standard for risk identification and assessment. Therefore, establishing viable goals across the organization can be very difficult and very difficult to monitor and control. For enterprises, the establishment of a systematic information security risk management system model for the effective implementation of information security risk management is very valuable.