電子檔案風險評估指標之建構及其應用實例分析

Establishing the Risk Assessment Indicators of Electronic Records and Empirical Analysis of an Institution

本研究目的在於建立符合國內機關檔案情境之電子檔案風險管理作業模式。採用疊慧法（Delphi）評核電子檔案風險管理之共識項目，建立機關檔案進行電子檔案風險自我檢核的指標，接續進行個案實證研究，以驗證風險檢核表之適用性，進而提出個案機關之電子檔案風險管理策略。本研究調查結果提出63項電子檔案風險檢核指標，可供機關進行風險評估作業運用；完成個案機關風險辨識與評估作業後，呈現多數指標落於低度風險區；根據風險評估結果，對於風險值3到4的指標，提供預防策略建議，對於風險值4以上指標，提供預防及減輕策略加以因應。本研究提出之電子檔案風險管理檢核表以及實務評估作業模式，可供各機關進行電子檔案風險管理實務操作之參考。

The purpose of this study is to construct a risk management model of electronic records in accordance with archival appraisal elements and the theoretical framework of risk management. The Delphi method was taken to generalize the expert consensus of electronic record risks, which can provide the basis for archival agencies to self-check their risk factors. In addition, considering the feasibility of promoting into practical, this study implemented an empirical case study to recommend a risk classification structure. The complete mode of electronic records risk management, according on the base of case study, was including of risk identification, risk assessment and implement strategy were addressed. The result proposed 63 risk indicators for agencies to carry out electronic records risk assessment. The study applied the risk assessment checklist to conduct risk identification and assessment surveys of individual cases, most of which fell in low risk areas. According to the risk management theory, the risk management strategy of electronic records was proposed. For risk indicators with risk values between 3 and 4, it was recommended to adopt a prevention strategy, risk indicators with a risk value of 4 or higher, and adopted a prevention and mitigation strategy to deal with them. Finally, the risk management framework of electronic records was proposed. The contribution of this study was to accomplish a risk checklist and set up the practice assessment model for the archival agencies as a reference to put risk management into practice.