發(fā)布時(shí)間：2018-06-07 18:41

  本文選題：石油企業(yè) + 信息技術(shù)��； 參考：《西南石油大學(xué)》2016年博士論文

【摘要】：以信息技術(shù)為代表的現(xiàn)代科學(xué)技術(shù)的迅猛發(fā)展,深刻地影響和改變著現(xiàn)代石油企業(yè)的發(fā)展和運(yùn)行。以“數(shù)字油田”為核心的上游企業(yè)利用數(shù)據(jù)自動(dòng)采集、生產(chǎn)流程自動(dòng)監(jiān)控、數(shù)據(jù)集中共享、遠(yuǎn)程實(shí)時(shí)監(jiān)控等對(duì)勘探、采油、加工等環(huán)節(jié)進(jìn)行數(shù)字平臺(tái)上的集中管理,中游企業(yè)通過業(yè)務(wù)控制系統(tǒng)、實(shí)時(shí)通信系統(tǒng)等對(duì)石油的存儲(chǔ)、運(yùn)輸以及煉化進(jìn)行全過程的監(jiān)測和控制,下游企業(yè)基于ERP體系對(duì)石油產(chǎn)品進(jìn)行網(wǎng)絡(luò)化、智能化地統(tǒng)一調(diào)度、儲(chǔ)運(yùn)和銷售,石油企業(yè)信息化程度的不斷提高,現(xiàn)代石油企業(yè)對(duì)信息技術(shù)高度依賴。伴隨著信息技術(shù)與石油業(yè)務(wù)高度融合,以及云計(jì)算、大數(shù)據(jù)和移動(dòng)互聯(lián)等信息技術(shù)的不斷發(fā)展和應(yīng)用,石油企業(yè)的IT風(fēng)險(xiǎn)日益增大。對(duì)石油企業(yè)來說,研究IT風(fēng)險(xiǎn)管理是一個(gè)嶄新的課題,對(duì)石油企業(yè)IT風(fēng)險(xiǎn)管理具有一定的理論和現(xiàn)實(shí)意義,可以豐富石油企業(yè)IT風(fēng)險(xiǎn)管理理論,促進(jìn)石油企業(yè)IT風(fēng)險(xiǎn)管理水平的提高。鑒于石油企業(yè)IT風(fēng)險(xiǎn)管理現(xiàn)狀,本文以石油企業(yè)的IT風(fēng)險(xiǎn)管理體系為研究對(duì)象,借助風(fēng)險(xiǎn)管理理論的研究成果,結(jié)合石油企業(yè)IT風(fēng)險(xiǎn)與IT風(fēng)險(xiǎn)管理的理論和實(shí)踐,構(gòu)建了石油企業(yè)IT風(fēng)險(xiǎn)管理體系;通過定性與定量相結(jié)合的方法,研究了石油企業(yè)IT風(fēng)險(xiǎn)識(shí)別、評(píng)估、應(yīng)對(duì)和預(yù)警,并通過案例研究,證明其適用性和科學(xué)性。第一,在文獻(xiàn)研究的基礎(chǔ)上,歸納界定了石油企業(yè)IT風(fēng)險(xiǎn)與IT風(fēng)險(xiǎn)管理體系的概念,即石油企業(yè)IT風(fēng)險(xiǎn)是在石油企業(yè)內(nèi)使用、擁有、操作、參與、應(yīng)用信息科技所造成的業(yè)務(wù)風(fēng)險(xiǎn),包括由于使用計(jì)算機(jī)硬件、軟件、網(wǎng)絡(luò)等系統(tǒng)所引發(fā)的各種不利情況,并闡述了其內(nèi)涵和外延,明確了研究的主體和邊界。第二,收集、整理、分析石油企業(yè)IT建設(shè)、IT風(fēng)險(xiǎn)管理和一些石油企業(yè)IT風(fēng)險(xiǎn)事故的信息資料,依據(jù)現(xiàn)有的理論和石油企業(yè)IT風(fēng)險(xiǎn)管理的實(shí)踐,對(duì)石油企業(yè)IT風(fēng)險(xiǎn)進(jìn)行分類,將石油企業(yè)IT風(fēng)險(xiǎn)分為五類:IT風(fēng)險(xiǎn)管理類風(fēng)險(xiǎn)、信息安全風(fēng)險(xiǎn)、IT服務(wù)風(fēng)險(xiǎn)、業(yè)務(wù)連續(xù)性風(fēng)險(xiǎn)和IT技術(shù)外包風(fēng)險(xiǎn);總結(jié)出了石油企業(yè)IT風(fēng)險(xiǎn)的特征和表現(xiàn)形式;明確了石油企業(yè)IT風(fēng)險(xiǎn)管理的現(xiàn)狀:目前石油企業(yè)已具備了 IT風(fēng)險(xiǎn)管理的基本框架,有一定風(fēng)險(xiǎn)防范能力,但石油企業(yè)IT風(fēng)險(xiǎn)管理現(xiàn)狀仍不容樂觀,存在很多缺陷和漏洞,石油企業(yè)IT規(guī)劃建設(shè)不完善,IT風(fēng)險(xiǎn)管理隱患大,自主可控方面的IT風(fēng)險(xiǎn)管理現(xiàn)狀堪憂等等。通過分析石油企業(yè)IT風(fēng)險(xiǎn)典型事件的誘因耦合與演化機(jī)制,探討了典型IT風(fēng)險(xiǎn)事件對(duì)石油企業(yè)IT風(fēng)險(xiǎn)管理體系構(gòu)建的啟示,要嚴(yán)格流程化、系統(tǒng)化管理,注重IT風(fēng)險(xiǎn)管理事件的識(shí)別與評(píng)估和IT風(fēng)險(xiǎn)事件的預(yù)警。第三,在必要性分析的基礎(chǔ)上,結(jié)合系統(tǒng)論的觀點(diǎn)構(gòu)建了石油企業(yè)IT風(fēng)險(xiǎn)管理體系,體系由主體、層次和流程三個(gè)維度構(gòu)成,包含由內(nèi)而外、由上至下四個(gè)相互關(guān)聯(lián)的子系統(tǒng):戰(zhàn)略目標(biāo)、戰(zhàn)略支撐、風(fēng)險(xiǎn)管理、整合管理。石油企業(yè)IT風(fēng)險(xiǎn)管理體系足由戰(zhàn)略層的戰(zhàn)略目標(biāo)、職能層的風(fēng)險(xiǎn)控制目標(biāo)和執(zhí)行層IT風(fēng)險(xiǎn)的實(shí)時(shí)監(jiān)測與預(yù)警目標(biāo)組成的三層結(jié)構(gòu)的目標(biāo)體系,各層目標(biāo)又有與之相宜的、有效的方法,這就構(gòu)成了IT風(fēng)險(xiǎn)管理體系的方法體系。結(jié)合管理體系與體制、機(jī)制、法制的內(nèi)涵辨析,分析了體制、機(jī)制、法制與四個(gè)子系統(tǒng)功能層次之間的對(duì)應(yīng)關(guān)系,明確了石油企業(yè)IT風(fēng)險(xiǎn)管理體系是基于體制、機(jī)制和法制三個(gè)維度的綜合體系,其中最為重要的方法是面向職能層的IT風(fēng)險(xiǎn)識(shí)別、評(píng)估和應(yīng)對(duì),以及同時(shí)面對(duì)職能層和執(zhí)行層的IT風(fēng)險(xiǎn)預(yù)警。第四,定性地分析了石油企業(yè)IT風(fēng)險(xiǎn)識(shí)別、評(píng)估、應(yīng)對(duì)面臨的困境,在風(fēng)險(xiǎn)管理核心子系統(tǒng)的基礎(chǔ)上,系統(tǒng)地研究了石油企業(yè)IT風(fēng)險(xiǎn)的識(shí)別、評(píng)估和應(yīng)對(duì)方法,建立了基于風(fēng)險(xiǎn)識(shí)別組合方法的石油企業(yè)IT風(fēng)險(xiǎn)識(shí)別方法和基于云模型的石油企業(yè)IT風(fēng)險(xiǎn)評(píng)估方法,并針對(duì)石油企業(yè)不同IT風(fēng)險(xiǎn)類別,提出了石油企業(yè)IT風(fēng)險(xiǎn)應(yīng)對(duì)策略。相應(yīng)的方法、模型和策略通過大慶石化的實(shí)際案例進(jìn)行了應(yīng)用,通過識(shí)別出大慶石化大部分的IT風(fēng)險(xiǎn),驗(yàn)證了石油企業(yè)IT風(fēng)險(xiǎn)識(shí)別的組合方法的可行性和有效性,而風(fēng)險(xiǎn)評(píng)估得到了與定性評(píng)估一致的、量化的大慶石化IT風(fēng)險(xiǎn)期望值,表明了基于云模型的石油企業(yè)IT風(fēng)險(xiǎn)評(píng)估方法的可行性。第五,引入異常點(diǎn)識(shí)別理論和遺傳算法優(yōu)化的神經(jīng)網(wǎng)絡(luò),通過定性與定量相結(jié)合的方法,構(gòu)建面向兩個(gè)層面的兩個(gè)預(yù)警模型:基于異常點(diǎn)識(shí)別理論的石油企業(yè)IT風(fēng)險(xiǎn)預(yù)警模型和基于GA_BP神經(jīng)網(wǎng)絡(luò)的石油企業(yè)IT風(fēng)險(xiǎn)態(tài)勢預(yù)警模型,與IT風(fēng)險(xiǎn)預(yù)警模型和IT風(fēng)險(xiǎn)態(tài)勢預(yù)警模型兩層預(yù)警結(jié)構(gòu)相一致,建立了石油企業(yè)兩個(gè)層次的IT風(fēng)險(xiǎn)預(yù)警方法。石油企業(yè)IT風(fēng)險(xiǎn)預(yù)警平臺(tái)的系統(tǒng)架構(gòu)分兩層,由兩個(gè)系統(tǒng)構(gòu)成,一是“IT風(fēng)險(xiǎn)預(yù)警系統(tǒng)”,基于IT風(fēng)險(xiǎn)預(yù)警模型,用于石油企業(yè)對(duì)本企業(yè)IT基礎(chǔ)環(huán)境的風(fēng)險(xiǎn)監(jiān)測和預(yù)警,二是“風(fēng)險(xiǎn)態(tài)勢監(jiān)測系統(tǒng)”,基于IT風(fēng)險(xiǎn)態(tài)勢預(yù)警模型,用于石油企業(yè)IT風(fēng)險(xiǎn)態(tài)勢監(jiān)測和預(yù)警,二者的數(shù)據(jù)可以互通互聯(lián)。以大慶石化為案例,研究證明了 GA_BP的評(píng)價(jià)結(jié)果更好,能夠更好地滿足IT風(fēng)險(xiǎn)預(yù)警的需要。
[Abstract]:The rapid development of modern science and technology, represented by information technology, has deeply influenced and changed the development and operation of modern petroleum enterprises. The upstream enterprises with "Digital Oilfield" as the core use automatic data acquisition, automatic monitoring of production process, data centralized sharing, remote real-time monitoring and so on for exploration, oil production, processing and other links. The centralized management on the digital platform, the middle reaches of the enterprise through the business control system, the real-time communication system to monitor and control the whole process of oil storage, transportation and refining. The downstream enterprises are based on the ERP system to network the petroleum products, intelligent and unified scheduling, storage and transportation, and the continuous improvement of the information degree of the petroleum enterprises. High, modern oil enterprises are highly dependent on information technology. Along with the high integration of information technology and oil business, and the continuous development and application of information technology such as cloud computing, large data and mobile interconnection, the IT risk of oil enterprises is increasing. For petroleum enterprises, the study of IT risk management is a new subject, and the petroleum enterprise IT Risk management has a certain theoretical and practical significance, which can enrich the IT risk management theory of petroleum enterprises and promote the improvement of IT risk management level of petroleum enterprises. In view of the current situation of IT risk management in petroleum enterprises, this paper takes the IT risk management system of petroleum enterprises as the research object, with the help of the research results of the risk management theory, combined with the oil enterprises. IT risk and IT risk management theory and practice, construction of the petroleum enterprise IT risk management system, through the combination of qualitative and quantitative method, the petroleum enterprise IT risk identification, assessment, response and early warning, and through case study, to prove its applicability and scientific. The concept of industry IT risk and IT risk management system, that is, the IT risk of oil enterprises is used, owned, operated, involved, and applied in the oil enterprises, and the business risks caused by the application of information technology, including the various adverse circumstances caused by the use of computer hardware, software, network and other systems, and the connotation and extension of the system are expounded, and the master of the research has been clarified. Second, second, collect, collate, analyze the information of petroleum enterprise IT construction, IT risk management and some oil enterprise IT risk accident information. According to the existing theory and the practice of IT risk management of petroleum enterprise, the IT risk of petroleum enterprise is classified, and the IT risk of petroleum enterprise is divided into five categories: IT risk management risk, information security wind Risk, IT service risk, business continuity risk and IT technology outsourcing risk, summarize the characteristics and forms of IT risk in petroleum enterprises, and make clear the current situation of IT risk management in Petroleum Enterprises: at present, petroleum enterprises have already possessed the basic framework of IT risk management, and have certain risk prevention ability, but the present situation of IT risk management in petroleum enterprises is still not allowed. There are many defects and loopholes, the IT planning and construction of petroleum enterprises are not perfect, the risk management of IT is big, and the status of IT risk management in the independent and controllable aspects is worried, and so on. Through the analysis of the inducement coupling and evolution mechanism of the typical IT risk events of the petroleum enterprises, the paper probes into the construction of the typical IT risk management system of the IT risk management system of the petroleum enterprise. The inspiration, we should strictly process, systematized management, pay attention to the identification and evaluation of IT risk management events and the early warning of IT risk events. Third, on the basis of the analysis of the necessity, the paper constructs the petroleum enterprise IT risk management system based on the viewpoint of the system theory. The system consists of the three dimensions of the main body, the level and the process, including from the inside to the bottom. Four interrelated subsystems: strategic objectives, strategic support, risk management, integrated management. The IT risk management system of oil enterprises is full of strategic objectives, the target of the risk control of the functional level and the target system of the three layers of realtime monitoring and early warning targets of the risk of the executive layer, and the objectives of each level are appropriate. The effective method, which constitutes the method system of the IT risk management system, analyzes the corresponding relationship between the system, mechanism, legal system and the functional levels of the four subsystems by analyzing the connotation of management system and system, mechanism and legal system. It is clear that the IT risk management system of petroleum enterprises is based on the synthesis of the three dimensions of system, mechanism and legal system. The most important method is the IT risk identification, evaluation and response to the functional level, and the IT risk early warning at the same time. Fourth, it qualitatively analyzes the risk identification, evaluation and predicament of the petroleum enterprise IT, and systematically studies the petroleum enterprise IT on the basis of the core subsystem of the risk management. The risk identification, evaluation and coping methods are established, and the IT risk identification method based on risk identification combination method and the IT risk assessment method based on cloud model are established. According to the different IT risk categories of the petroleum enterprises, the corresponding countermeasures are put forward for the IT risk of oil enterprises. The corresponding method, model and strategy are carried out through Daqing petrochemical. The practical case is applied. By identifying most of the IT risk of Daqing petrochemical, the feasibility and effectiveness of the combination method of IT risk identification of oil enterprises is verified, and the risk assessment is consistent with the qualitative assessment, and the quantitative risk expectation value of the Daqing petrochemical IT is clear, and the IT risk assessment party based on the cloud model is clear. The feasibility of the method. Fifth, with the introduction of abnormal point recognition theory and the neural network optimized by genetic algorithm, two early warning models facing two levels are constructed through the combination of qualitative and quantitative methods: IT risk early warning model of oil enterprises based on abnormal point recognition theory and the early warning model of IT risk situation based on GA_BP neural network In accordance with the IT risk early warning model and the two layer early warning structure of IT risk situation early warning model, the two levels of IT risk early warning method for oil enterprises are established. The system architecture of the IT risk early warning platform for petroleum enterprises is divided into two layers, composed of two systems, one is "IT risk early warning system", and based on the IT risk early warning model, it is used in oil enterprises. The risk monitoring and early warning of the enterprise IT basic environment, two is the "risk situation monitoring system", based on the IT risk situation early warning model, used for monitoring and early warning of the risk situation of the petroleum enterprise IT, the data of the two are interconnected. The case of Daqing Petrochemical is a case study. The research proves that the result of the GA_BP evaluation is better and can better meet the IT wind. The need for risk early-warning.
【學(xué)位授予單位】：西南石油大學(xué)
【學(xué)位級(jí)別】：博士
【學(xué)位授予年份】：2016
【分類號(hào)】：F426.22;F270.7;F272.3

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 郭英;張萍;;石油企業(yè)網(wǎng)絡(luò)信息安全現(xiàn)狀及解決方案探討[J];通訊世界;2016年15期

2 閆振好;趙小南;張立新;;科技金融風(fēng)險(xiǎn)防范的研究進(jìn)展與展望[J];濰坊工程職業(yè)學(xué)院學(xué)報(bào);2016年04期

3 方良川;張明瑜;鄭燕生;;互聯(lián)網(wǎng)金融發(fā)展中值得關(guān)注的風(fēng)險(xiǎn)及對(duì)策建議[J];中國農(nóng)村金融;2016年14期

4 宋瑾;;中小金融機(jī)構(gòu)信息安全管理風(fēng)險(xiǎn)及對(duì)策[J];電子技術(shù)與軟件工程;2016年14期

5 徐慧敏;;石油企業(yè)網(wǎng)絡(luò)信息安全監(jiān)控技術(shù)研究[J];信息通信;2016年06期

6 趙洪濤;;石油企業(yè)網(wǎng)絡(luò)信息安全現(xiàn)狀及對(duì)策[J];信息化建設(shè);2016年06期

7 穆衛(wèi)巍;王利平;;芻議石油企業(yè)信息安全策略及解決方略[J];中國培訓(xùn);2016年12期

8 任力;;淺談加強(qiáng)石油企業(yè)網(wǎng)絡(luò)信息安全管理體系重要性[J];當(dāng)代化工研究;2016年05期

9 王利平;穆衛(wèi)巍;;探究計(jì)算機(jī)網(wǎng)絡(luò)安全應(yīng)用信息加密技術(shù)在石油行業(yè)中的應(yīng)用[J];現(xiàn)代職業(yè)教育;2016年12期

10 李鐵;;總結(jié)石油企業(yè)計(jì)算機(jī)網(wǎng)絡(luò)信息安全及防范措施[J];通訊世界;2016年08期

相關(guān)會(huì)議論文 前3條

1 馬強(qiáng);陳楠;;利用遺傳算法優(yōu)化BP神經(jīng)網(wǎng)絡(luò)初步研究[A];第十屆沈陽科學(xué)學(xué)術(shù)年會(huì)論文集（信息科學(xué)與工程技術(shù)分冊(cè)）[C];2013年

2 汪旭東;李慶;;淺議石油行業(yè)內(nèi)部信息網(wǎng)絡(luò)的安全建設(shè)[A];“加入WTO和科學(xué)技術(shù)與吉林經(jīng)濟(jì)發(fā)展——機(jī)遇·挑戰(zhàn)·責(zé)任”吉林省第二屆科學(xué)技術(shù)學(xué)術(shù)年會(huì)論文集（上）[C];2002年

3 杜紅梅;劉明盛;;基于云模型的風(fēng)險(xiǎn)評(píng)估方法研究[A];2009系統(tǒng)仿真技術(shù)及其應(yīng)用學(xué)術(shù)會(huì)議論文集[C];2009年

相關(guān)重要報(bào)紙文章 前1條

1 張摘月;王峰;;加強(qiáng)信息技術(shù)風(fēng)險(xiǎn)監(jiān)管[N];金融時(shí)報(bào);2004年

相關(guān)博士學(xué)位論文 前3條

1 楊峰;商業(yè)銀行IT風(fēng)險(xiǎn)識(shí)別與評(píng)估研究[D];電子科技大學(xué);2012年

2 馮楠;軟件項(xiàng)目風(fēng)險(xiǎn)管理理論與模型研究[D];天津大學(xué);2007年

3 陳光;信息系統(tǒng)信息安全風(fēng)險(xiǎn)管理方法研究[D];國防科學(xué)技術(shù)大學(xué);2006年

相關(guān)碩士學(xué)位論文 前4條

1 陳朝暉;商業(yè)銀行信息科技風(fēng)險(xiǎn)及防控策略研究[D];北京交通大學(xué);2009年

2 郭勇;銀行數(shù)據(jù)大集中后的風(fēng)險(xiǎn)分析與防范[D];北京郵電大學(xué);2009年

3 吳衛(wèi)芬;我國銀行業(yè)信息技術(shù)外包的風(fēng)險(xiǎn)管理研究[D];浙江工商大學(xué);2008年

4 吳文忠;信息化條件下的銀行風(fēng)險(xiǎn)監(jiān)管研究[D];暨南大學(xué);2006年

，

本文編號(hào)：1992336