JP6585658B2 - Management device, management method, and management program - Google Patents

Description

  The present invention relates to a management device, a management method, and a management program.

  Conventionally, systems for dealing with crises such as natural disasters and cyber attacks are known. For example, crisis response information shared by e-mail, telephone, FAX, etc. is converted into a Web, and information is aggregated, managed, and shared among all organizations that handle the crisis. This will unify the awareness of crisis situations and support the efficient operation of headquarters such as the disaster response headquarters.

  On such a system, a message comprising an instruction command related to crisis response and a report to the command is exchanged. Accurate and detailed information is required for instructions and reports on crisis response. In addition, such log information including instruction commands and reports related to crisis response is widely shared and usefully utilized as crisis response know-how when a similar or similar crisis occurs (see Patent Document 1).

  Further, in an emergency, an organization (emergency organization) different from an organization at normal time (emergency organization) performs an emergency response, but it is necessary to perform an emergency training from the ordinary time. During training, emergency information handled by the emergency organization in the event of an emergency will be handled by the peacetime organization.

Japanese Patent No. 5980723

  However, the emergency information may include sensitive information related to management, personal information, or privacy information, and the confidential information may be leaked to an inappropriate partner. For example, if a report containing confidential information of a specific subsidiary in response to an instruction order from a parent company to multiple subsidiaries is disclosed to another subsidiary, the confidential information of this specific subsidiary is leaked to other subsidiaries in the competition. There is a risk that. In particular, there is a risk that a necessary and appropriate safety management measure is not taken when the operator who performs the instruction or report is a personal information handling operator.

  Furthermore, what kind of scene is handled as “emergency” varies depending on how often it occurs and in what period. Therefore, there are various organizational configurations and person-in-charge configurations for dealing with them. For example, there is a case where a new emergency organization is formed to handle emergency information, and a person in charge also serves as a normal organization, or a normal organization handles emergency information in addition to the normal time information as it is. However, the conventional technology does not consider the relationship between the emergency organization and the peacetime organization. In addition, emergency information is used as training information when training is performed during normal times in preparation for an emergency, but the conventional technology does not consider how emergency information is used as training information.

  The present invention has been made in view of the above, and an object thereof is to appropriately manage the disclosure destination of information handled in response to a crisis.

  In order to solve the above-described problems and achieve the object, the management apparatus according to the present invention provides an emergency of the issuing source and the destination from a user belonging to the organization at the time of emergency of issuing an instruction command or report regarding crisis response. A storage unit that stores the source, destination, and contents of the received instruction command or report in the storage unit when the specified instruction command or report is received by a combination of organizations; and is stored in the storage unit Disclosure destination including a normal organization that is preset according to the combination with respect to a disclosure item that is preset according to the combination of the instruction command or the report source, the destination, or the content And a permission unit that permits reference by a user belonging to the organization.

  ADVANTAGE OF THE INVENTION According to this invention, the disclosure destination of the information handled by crisis response can be managed appropriately.

FIG. 1 is a schematic view illustrating a schematic configuration of a system including a management apparatus according to an embodiment of the invention. FIG. 2 is a diagram illustrating a data configuration of the user information table. FIG. 3 is a diagram illustrating a data configuration of the organization information table. FIG. 4 is a diagram illustrating a data configuration of the user affiliation organization information table. FIG. 5 is a diagram illustrating a data configuration of the instruction command / report system information table. FIG. 6 is a diagram illustrating a data configuration of the disclosure control information table. FIG. 7 is a diagram illustrating a data configuration of the instruction command / report information table. FIG. 8 is a diagram illustrating a data configuration of the operation log information table. FIG. 9 is a sequence diagram showing a storage processing procedure. FIG. 10 is a sequence diagram showing the permission processing procedure. FIG. 11 is a sequence diagram illustrating a notification processing procedure. FIG. 12 is an explanatory diagram for explaining the effect of the management apparatus. FIG. 13 is a diagram illustrating a computer that executes a management program.

  Hereinafter, an embodiment of the present invention will be described in detail with reference to the drawings. In addition, this invention is not limited by this embodiment. Moreover, in description of drawing, the same code | symbol is attached | subjected and shown to the same part.

[System Overview]
FIG. 1 is a schematic diagram illustrating a schematic configuration of a system including a management apparatus according to this embodiment. As illustrated in FIG. 1, the management apparatus 10 is connected to the client terminal 30 and the mail server 40 via the network 20. Here, the network 20 is an arbitrary type of telecommunication line such as a wired or wireless LAN (Local Area Network) or VPN (Virtual Private Network).

  The client terminal 30 is realized by, for example, a personal computer or a smartphone, and is installed in each organization that performs crisis response, for example. As will be described later, the user can refer to information provided from the management apparatus 10 or transmit information to the management apparatus 10 via the Web browser of each client terminal 30 or the like.

  The mail server 40 controls transmission / reception of mail among users belonging to an organization that deals with a crisis. As will be described later, when the management apparatus 10 notifies the user of information, the mail server 40 is caused to transmit a mail to the user.

  The management device 10 is realized by a server device, for example, and is installed in a crisis response headquarters such as a disaster response headquarters. The management device 10 executes management processing to be described later, and allows a user belonging to an appropriate disclosure destination organization to refer to an instruction command and a report for the instruction command via the client terminal 30.

[Configuration of management device]
The management device 10 is realized by a general-purpose computer such as a server device, and includes a storage unit 11 and a control unit 12 as illustrated in FIG. The management device 10 includes an input unit, an output unit, and a communication control unit (not shown).

  The input unit is realized by using an input device such as a keyboard or a mouse, and inputs various instruction information such as processing start to the control unit 12 in response to an input operation by the operator. The output unit is realized by a display device such as a liquid crystal display or a printing device such as a printer. The communication control unit is realized by a NIC (Network Interface Card) or the like, and controls communication between an external device such as the client terminal 30 and the control unit 12 via the network 20.

  The storage unit 11 is realized by a semiconductor memory device such as a RAM (Random Access Memory) or a flash memory, or a storage device such as a hard disk or an optical disk. The storage unit 11 may be configured to communicate with the control unit 12 via the communication control unit.

  In the present embodiment, the storage unit 11 includes a user information table 11a, an organization information table 11b, a user affiliation organization information table 11c, an instruction command / report system information table 11d, a disclosure control information table 11e, and an instruction command / report information table 11f. In addition, an operation log information table 11g is stored. Here, each information table will be described with reference to FIGS.

  The user information table 11a stores information on users belonging to each organization that deals with the crisis. Specifically, as illustrated in FIG. 2, the user information table 11a includes a user ID, a name, a reading pseudonym, a login ID, a password, an e-mail address, a registration date and an abolition date. Here, the user ID is information for identifying each user as key information of the information table.

  The login ID and password are information used for user authentication in the management apparatus 10. That is, the login ID represents identification information used when each user logs in to the management apparatus 10, and the password means a password used for login. Note that the user authentication method is not limited to the login ID and password, but instead includes information corresponding to an arbitrary user authentication method. For example, when biometric authentication is applied as user authentication, biometric information is included instead of the login ID and password.

  The e-mail address represents the user's e-mail destination, and is used for notification to the user in the management process described later. The registration date / time indicates the date / time when the user information was registered in the information table, and the abolition date / time indicates the date / time when the user information became invalid.

  In FIG. 2, for example, Jiro Nakamura's login ID, password, and e-mail address were registered in the user information table 11a at 13:37 on April 1, 2016 as the user ID “3”. It has been shown.

  The organization information table 11b stores information on each organization that handles the crisis. Specifically, as illustrated in FIG. 3, the organization information table 11b includes an organization ID, an organization name, a registration date / time, and an abolition date / time. Here, the organization ID is information for identifying each organization as key information of the information table. The registration date and time represents the date and time when the organization was established, and the abolition date and time represents the date and time when the organization was abolished. FIG. 3 shows that, for example, the crisis management room with the organization ID “1” was established at 9:00 on April 1, 2016 and is still being abolished.

  The user affiliation organization information table 11c stores information representing the correspondence between users and organizations belonging to organizations that handle crises. Specifically, as illustrated in FIG. 4, the user affiliation organization information table 11 c includes a user ID, an organization ID, a normal / emergency flag, a registration date and an abolition date.

  The normal / emergency flag indicates whether each user is active in each organization during normal times or in an emergency. Here, “False” is set when belonging to a corresponding organization as a member of a normal organization that operates during normal times, and “True” is set when belonging as a member of an emergency organization that operates in an emergency. The registration date / time indicates the date / time when the corresponding information is registered in the information table, and the abolition date / time indicates the date / time when the corresponding information becomes invalid.

  In FIG. 4, for example, the fact that the user with the user ID “1” belongs to the organization with the organization IDs “1” and “8” at 14:40 on April 6, 2016 is shown in FIG. Is registered. Also, in FIG. 4, for example, in the organization with the organization ID “8”, the user with the user ID “1” belongs to the emergency organization while the user with the user ID “4” belongs to the normal organization. Has been shown to do.

  The instruction command / report system information table 11d stores information indicating a combination pattern of an instruction command organization and a reporting organization when crisis response is performed in an emergency. That is, the instruction command / report system information table 11d shows a combination pattern of an instruction command or a report issuing source and a counterpart organization in emergency in response to a crisis.

  Specifically, as illustrated in FIG. 5, the instruction command / report system information table 11d includes an instruction command / report system ID, a name, an outline, an instruction command organization ID, a report organization ID, a disclosure control ID, a registration date and time. And the date of discontinuation. The instruction command / report system ID is information for identifying each pattern of the instruction command / report system as key information of the information table. The name and summary represent the name and summary of the crisis response case.

  The instruction command organization ID means the organization ID of the instruction command organization. The instruction command organization means the organization that issued the instruction command in the event of an emergency, and at the same time means the organization of the report partner for the instruction command. The reporting organization ID means the organization ID of the reporting organization. The reporting organization means a destination organization of an instruction command in an emergency, and at the same time, an organization that can be a source of a report for the instruction command. In a management process to be described later, an instruction command to be issued or an instruction command / report system ID corresponding to a report is designated by the user who issued the data. The disclosure control ID will be described later. The registration date / time indicates the date / time when the information of each pattern is registered in the information table, and the abolition date / time indicates the date / time when the information of each pattern becomes invalid.

  In FIG. 5, for example, the combination pattern of the instruction command organization and the reporting organization corresponding to the instruction command / report system ID “1” is an instruction command / report system information table at 1:56 on August 4, 2016. 11d is registered. This pattern is applied when a large-scale typhoon occurs, indicating that the instruction command organization is an organization with an organization ID of 10 and that the reporting organization is 1, 2, 3, 4, 8. Has been.

  Furthermore, by referring to the organization information table 11b, the organization corresponding to the organization ID can be specified. For example, in the example shown in FIG. 3 and FIG. 5, the reporting organization for the instruction command / report system ID “1” is the headquarters of the crisis management office, the emergency response group for company A, the emergency response group for company B, and the general affairs department. I understand.

  The disclosure control information table 11e stores information indicating a pattern of a disclosure item and a disclosure destination of a disclosure item regarding an instruction command related to emergency crisis response and a report for the instruction command. In other words, the disclosure control information table 11e is set with a disclosure destination for each disclosure item regarding an emergency instruction command and report. This disclosure may include peacetime tissues.

  Specifically, as illustrated in FIG. 6, the disclosure control information table 11 e includes a disclosure control ID, a source information disclosure destination of the instruction command, a destination information disclosure destination of the instruction command, and a content information disclosure destination of the instruction command. , Report source information disclosure destination, report destination information disclosure destination, report content information disclosure destination, registration date and abolition date. Here, the disclosure control ID is information for identifying each pattern of disclosure control as key information of this information table. In addition, as a disclosure item, a source, a destination, and contents are specified.

  Further, the instruction command issuer information disclosure destination means the disclosure destination of the instruction command issuer. The destination information disclosure destination of the instruction command means the disclosure destination of the destination of the instruction command. The content information disclosure destination of the instruction command means the disclosure destination of the content of the instruction command. Similarly, the report issuer information disclosure destination means the report issuer disclosure destination. The report destination information disclosure destination means the disclosure destination of the report destination. The report content information disclosure destination means the disclosure destination of the report content.

  The registration date / time indicates the date / time when the information of each pattern is registered in the information table, and the abolition date / time indicates the date / time when the information of each pattern becomes invalid.

  In FIG. 6, for example, in the pattern of the disclosure control ID “1”, the disclosure destination is disclosed to ANY, that is, users of all organizations (hereinafter referred to as “full disclosure”). Is shown). In addition, the pattern of the disclosure control ID “1” indicates that the disclosure destination is the instruction instruction organization and the reporting organization ALL with respect to the source, destination, and contents of the report for the instruction command. Here, the instruction command organization means an organization from which an instruction command is issued in an emergency. Further, the reporting organization ALL means all of a plurality of destination organizations of the instruction command. The reporting organization means an organization that has returned a report, that is, an organization that issued the report, among a plurality of destination organizations of the instruction command. FIG. 6 shows that this pattern information is registered in the disclosure control information table 11e on April 1, 2016 at 9:00.

  In addition, FIG. 6 shows that the pattern of the disclosure control ID “2” indicates that the report source, destination, and content disclosure destination are the general affairs department in addition to the instruction command organization and the reporting organization. . Here, the instruction and instruction organization and the reporting organization are emergency organizations, while the general affairs department is an ordinary organization. Thus, by setting the disclosure control information table 11e including the normal organization, the disclosure items for the user of the normal organization can be controlled.

  As illustrated in FIG. 5, the disclosure control ID is associated with each instruction command / report system ID in the instruction command / report system information table 11 d. That is, a disclosure destination pattern including a normal organization for each disclosure item for the instruction command and report is set in advance for each pattern of combinations of the organization of the instruction instruction or report issuing source and the destination.

  Therefore, in the management process described later, when an instruction command or report in which an instruction command / report system ID is specified is issued, a disclosure item and its report are determined by a disclosure control ID associated with the instruction command / report system ID. Disclosure destination can be specified. At that time, the instruction command organization and the reporting organization are specifically identified by comparing with the instruction command organization ID and the reporting organization ID of the instruction command / report system information table 11d.

  Further, for each user, whether it belongs as a member of an emergency organization or a member of a normal organization is set in advance, and a disclosure item can be controlled for each user in a management process described later.

  For example, the user with the user ID “1” illustrated in FIG. 4 belongs to the general affairs department with the organization ID “8” as a member of the emergency organization. Accordingly, when an instruction command or report specifying the instruction command / report system ID “1” illustrated in FIG. 5 is issued, the pattern of the disclosure control ID “1” illustrated in FIG. 6 as a member of the reporting organization. The disclosed items are disclosed in accordance with

  Further, the user with the user ID “4” illustrated in FIG. 4 belongs to the general affairs department with the organization ID “8” as a member of the normal organization. Therefore, when an instruction command or report in which the instruction command / report system ID “1” illustrated in FIG. 5 is designated is issued, as a user who does not belong to any of the instruction command organization / report organization, FIG. Disclosure items are disclosed according to the exemplified pattern of the disclosure control ID “1”. When the instruction command or report specifying the instruction command / report system ID “2” illustrated in FIG. 5 is issued to the user with the user ID “4”, the user is illustrated in FIG. 6 as a member of the general affairs department. Disclosure items are disclosed in accordance with the disclosed control ID “2” pattern.

  The instruction command / report information table 11f stores information including a source, a destination, and contents of an instruction command related to crisis response and a report for the instruction command. Specifically, as illustrated in FIG. 7, the instruction instruction / report information table 11 f includes an instruction instruction / report ID, an instruction instruction / report system ID, an instruction instruction / report flag, a corresponding instruction instruction / report ID, and contents. , The drafting organization ID, the drafter user ID, and the correspondence status are included. Here, the instruction command / report ID is information for identifying each instruction command or each report as key information of the information table.

  The instruction command / report flag indicates whether each record is an instruction command or a report. For example, “true” is set in the instruction command, and “false” is set in the report. The corresponding instruction command / report ID represents to which instruction command each record is a report. Therefore, the instruction command / report ID of the corresponding instruction command is assigned to the record corresponding to the report. The drafting organization ID represents the organization ID of the organization that issued each record, and the drafter user ID represents the user ID of the user who issued the record.

  The content indicates the specific content of the instruction command or report. The response status represents the response status to the instruction command or report. For example, when the instruction command is reported, the process is completed. In addition, when there is no report for the instruction command, or when the report is made, it is not completed, and when the instruction command is necessary again, it is not completed. This correspondence state is referred to when an unsupported list is created in a management process described later.

  The instruction command / report system ID represents an instruction command / report system ID designated by a user who issued the instruction command or report in the management process described later. The instruction command / report system corresponding to the designated instruction command / report system ID includes information on the instruction command or the report destination. That is, the reporting organization ID of the instruction command / report system corresponding to the designated instruction command / report system ID represents the organization ID of the organization of the destination of the instruction command, and the instruction command organization ID is the organization of the destination of the report Represents the organization ID.

  In FIG. 7, for example, as the record of the instruction command / report ID “1”, the user with the user ID “1” belonging to the organization that issued the organization ID “1” It is shown that an instruction command with the content "..." has been issued.

  The operation log information table 11g stores an operation log output by the control unit 12. Specifically, as illustrated in FIG. 8, the operation log information table 11g includes an operation log ID, a user ID, an organization ID, an operation, an instruction command / report system ID, a destination organization ID, and an occurrence date and time. It is. Here, the operation log ID means information for identifying each operation log as key information of the information table.

  The user ID represents the user ID of the user who performed the target operation of the operation log. The organization ID represents the organization ID of the organization to which the user with the user ID belongs. The instruction command / report system ID represents the instruction command / report system ID specified by the operation targeted for the operation log. The partner organization ID represents the organization ID of the partner organization specified in the operation of the target of the operation log. The action represents the specific contents of the action log. FIG. 8 shows that, for example, as the record of the operation log ID “1”, the user with the user ID “1” has successfully logged in at 1:29 on August 4, 2016.

  Returning to the description of FIG. The control unit 12 is realized using an electronic circuit such as a CPU (Central Processing Unit) and an MPU (Micro Processing Unit), or an integrated circuit such as an ASIC (Application Specific Integrated Circuit) and an FPGA (Field Programmable Gate Array). As illustrated in FIG. 1, the control unit 12 functions as an authentication unit 12a, a storage unit 12b, a permission unit 12c, and a registration unit 12d by executing a processing program stored in the memory. Note that these functional units may be implemented on different or different hardware.

  The authentication unit 12a authenticates the user. Specifically, the authentication unit 12a refers to the user information table 11a (see FIG. 2) when the user performs an operation input requesting login using the login ID and password at the client terminal 30. Certify.

  When the storage unit 12b receives an instruction command or report specifying a combination of the source organization and the emergency organization of the other party from a user who belongs to the emergency organization that issued the instruction command or report regarding the crisis response, The received instruction command or the report source, destination and contents are stored in the storage unit 11.

  Specifically, when the user belonging to the issuing organization designates an instruction command / report system ID and issues an instruction command or report from the client terminal 30, the storage unit 12b Information including the source, destination and contents of the command or report is stored in the instruction command / report information table 11f. In the example shown in FIG. 7, the drafting organization ID and the drafter user ID correspond to the issuing source, and the instruction command / report system ID corresponds to the other party.

  The permission unit 12c issues an issue for a disclosure item set in advance according to the combination of the issue source and the destination organization among the issue source, destination, or contents of the instruction command or report stored in the storage unit 11. Reference by a user belonging to a disclosure destination organization including a normal time organization set in advance according to a combination of the source and destination organizations is permitted.

  Specifically, the permission unit 12c refers to the instruction command or report instruction command / report system ID stored in the instruction command / report information table 11f and the corresponding disclosure control ID, and the corresponding disclosure destination organization When a user belonging to the group requests a reference, the corresponding disclosure item is permitted to be referred to.

  For example, first, the permission unit 12c sends the instruction command or report source to a user belonging to the disclosure destination organization when the instruction command or report source, destination, and contents are stored in the storage unit 11. It is notified that the other party and the contents are stored in the storage unit 11.

  That is, the permission unit 12c refers to the instruction command / report system information table 11d and the disclosure control information table 11e, and identifies the disclosure item of the corresponding instruction command or report and the disclosure destination organization. Then, the permission unit 12c stores, in the storage unit 11, the source of the instruction command or the report, the other party, and the contents of the user (see the user affiliation organization information table 11c and the organization information table 11b) belonging to the disclosure destination organization. Notify that

  For example, the permission unit 12c notifies the mail server 40 of the user's mail address together and notifies that the instruction command or report related to the organization is stored in the instruction command / report information table 11f. Is instructed to send. Note that instead of notifying each user of the organization of the disclosure destination, the client terminal 30 or the like representing the organization may be notified.

  In addition, when the user who has received the notification performs an operation for requesting reference on the client terminal 30, the permission unit 12c refers to the instruction command / report system information table 11d and the disclosure control information table 11e, and this user The disclosure item is identified, and reference to this disclosure item is permitted. That is, the permission unit 12c specifies a disclosure item including the organization to which the user belongs (see the user affiliation organization information table 11c and the organization information table 11b) as a disclosure destination, and the disclosure item in the instruction command / report information table 11f. Allow browsing of

  The notification by the permission unit 12c is not limited to email. For example, when an alarm is notified to the client terminal 30 used by the user, or when the user logs in to the client terminal 30, a message indicating that there is an instruction command or report related to a display or the like may be displayed. Good.

  In addition, the permission unit 12c notifies the source of the instruction command or report, the destination, and the content when the instruction command / report information table 11f is updated, that is, when the instruction command / report information table 11f is updated. Also good. Or the permission part 12c may notify asynchronously with the timing at which the instruction command / report information table 11f is updated. For example, the permission unit 12c may notify the organization of the disclosure destination at a predetermined time interval or when an instruction command or report source, destination, and contents of a predetermined amount or more are stored in the instruction command / report information table 11f. Notify users who belong.

  Further, the permission unit 12c may notify the disclosure item to the users belonging to the disclosure destination organization. For example, a disclosure item is described in a mail and notified. In this case, the permission unit 12c may notify a disclosure item to a user belonging to the disclosure destination organization instead of permission to refer to the instruction command / report information table 11f.

  Further, as described above, flag information for distinguishing whether the user belongs to an emergency organization member or a normal organization member is set for each user in the user affiliation organization information table 11c. The permission unit 12c can determine permission or disapproval of referring to the disclosure item for each user according to the flag information.

  The registration unit 12d outputs an operation log of the management apparatus 10 and registers it in the operation log information table 11g. Specifically, as illustrated in FIG. 8, “successful login” is registered when the authentication unit 12 a succeeds in user authentication. In addition, when the storage unit 12b is notified of the instruction command / report system ID, “instruction command / report system selection” is registered. When the storage unit 12b stores the instruction command or report in the instruction command / report information table 11f, “instruction command execution” is registered. Here, the operation log accumulated in the operation log information table 11g can be shared as know-how for crisis response.

[Management processing]
Next, management processing by the management apparatus 10 according to the present embodiment will be described with reference to the sequence diagrams of FIGS. The management process includes a storage process (see FIG. 9), a permission process (see FIG. 10), and a notification process (see FIG. 11).

  First, with reference to FIG. 9, a storage processing procedure when an instruction command or report is issued by the user will be described. The sequence diagram of FIG. 9 is started at a timing (step S1) when a user of the issuing client terminal 30 inputs a login operation.

  First, the authentication unit 12a refers to the user information table 11a and performs user authentication of the user who has performed the login operation input (step S2). Further, the registration unit 12d outputs an operation log such as “login success” or “login failure” and registers it in the operation log information table 11g (step S3). If the user authentication fails, the authentication unit 12a returns the process to the beginning, and waits for a login operation input by the user.

  When the user authentication is successful, the permission unit 12c confirms whether or not an instruction command or report having the organization to which the user belongs is newly registered in the instruction command / report information table 11f, and the client terminal The confirmation result is notified to the user by display on the display 30 (step S4). At that time, the permission unit 12c refers to the user information table 11a, the organization information table 11b, and the user affiliation organization information table 11c, and identifies the organization to which the user belongs. In addition, the permission unit 12c refers to the instruction command / report system information table 11d and the disclosure control information table 11e to determine the disclosure items and disclosure destinations of each instruction command or report registered in the instruction command / report information table 11f. Identify.

  In addition, when the user belongs to a plurality of organizations, the permission unit 12c confirms and notifies the presence / absence of an instruction command or a report that discloses all the organizations. Alternatively, the permission unit 12c may confirm and notify the presence or absence of an instruction command or a report indicating that an organization selected from among a plurality of organizations to which the user belongs at the time of login.

  When a user who has successfully logged in designates an instruction command / report system ID and issues an instruction command or report (step S11), the instruction command or report from which the storage unit 12b is issued, destination, and contents Is registered in the instruction command / report information table 11f (step S12). Also, the registration unit 12d outputs an operation log such as “select instruction command / report system” and “execute instruction command” and registers it in the operation log information table 11g (step S13). Thereby, a series of storage processing ends.

  Next, with reference to FIG. 10, a permission processing procedure for permitting the user to refer to the instruction command / report information table 11f will be described. The sequence diagram of FIG. 10 is started at a timing (step S1) when a user of the disclosure destination client terminal 30 inputs a login operation. Since the process from step S1 to the process of step S4 is the same as in FIG. 9, the description thereof is omitted.

  When a user who has successfully logged in requests reference to the instruction command / report information table 11f (step S21), the permission unit 12c belongs to the user among the information stored in the instruction command / report information table 11f. Reference is permitted for a disclosure item whose organization is a disclosure destination (step S22). At that time, the permission unit 12c refers to the organization information table 11b and the user affiliation organization information table 11c to identify the organization to which the user belongs. In addition, the permission unit 12c refers to the instruction command / report system information table 11d and the disclosure control information table 11e to determine the disclosure items and disclosure destinations of each instruction command or report stored in the instruction command / report information table 11f. Identify. Further, the registration unit 12d outputs an operation log of “reference permission” and registers it in the operation log information table 11g (step S23). Thereby, a series of permission processing ends.

  Next, referring to FIG. 11, the disclosure destination user is notified that the related instruction command or report is stored in the instruction command / report information table 11 f asynchronously with the update of the instruction command / report information table 11 f. A notification processing procedure for notification will be described. The sequence diagram of FIG. 11 is started at a predetermined time interval, for example.

  The permission unit 12c confirms the correspondence state of the instruction command / report information table 11f, extracts any instruction command or report that has been newly stored and has not been dealt with since the previous confirmation, and creates an unsupported list. (Step S31). An instruction command or report for which no response has been made means an instruction command for which no report has been made, or a command that has not been completed even if a report has been made but is waiting for another instruction command.

  When creating the uncorresponding list, the permission unit 12c refers to the instruction command / report system information table 11d and the disclosure control information table 11e, and specifies the disclosure item and disclosure destination of each instruction command or report. In addition, the registration unit 12d outputs an operation log of “unsupported list creation” and registers it in the operation log information table 11g (step S32). The registration unit 12d may register the created unsupported list in the operation log information table 11g.

  Next, for each instruction command or report in the unsupported list, the permission unit 12c newly registers an instruction command or report in the instruction command / report information table 11f for users belonging to the disclosure destination organization of each disclosure item. Is notified (step S33). At that time, the permission unit 12c refers to each information table of the user information table 11a, the organization information table 11b, the user affiliation organization information table 11c, and the disclosure control information table 11e. Further, the permission unit 12c may add a flag indicating that notification has been given to the instruction command / report information table 11f. Further, the registration unit 12d outputs an operation log “notification” and registers it in the operation log information table 11g (step S34). Thereby, a series of notification processing is completed.

  As described above, in the management apparatus 10 according to the present embodiment, the storage unit 12b receives the emergency information of the source and the other party from the user belonging to the emergency organization of the source of the instruction command or report regarding the crisis response. When an instruction command or report in which a combination of organizations is specified is received, the storage unit 11 stores the source, destination and content of the received instruction command or report. In addition, the permission unit 12c has a disclosure item that is set in advance according to the combination of the source and destination organization among the source, destination, and contents of the instruction command or report stored in the storage unit 11. The reference by the user belonging to the disclosure destination organization including the normal time organization set in advance according to the combination of the source organization and the destination organization is permitted.

  Thereby, the management apparatus 10 can appropriately manage the disclosure items and the disclosure destinations in the exchange of messages between the instruction command that can include confidential information related to crisis response and the report for the instruction command. For example, there may be a case where confidential information is included in a report message of a specific subsidiary in response to an instruction command from a parent company to a plurality of subsidiaries in a mutually competitive relationship. In that case, it can be prevented that confidential information is leaked to another subsidiary in a competitive relationship, resulting in an unfavorable situation. Alternatively, necessary and appropriate safety management measures can be taken when a business operator handling personal information issues instructions or reports.

  For example, as illustrated in FIG. 12, disclosure items and disclosure destinations can be changed depending on a real event such as a natural disaster and a cyber event such as a cyber attack, and depending on the position of the instruction command side and the reporting side. For example, for a real event, regardless of the hierarchy of the instruction command / report system, the instruction command or report source, destination, and contents can be set to be fully disclosed to all the eight related organizations shown in the figure. .

  On the other hand, with regard to cyber events, for example, in the lower-level instruction command / report system, both the source, destination and contents of the instruction command / report are included in each pattern of the instruction command / report system (3 in the illustrated example). It can be set to be disclosed to related parties disclosed to an organization or 4 organizations). Further, for example, in an instruction command / report system in a higher hierarchy, it is possible to set the instruction command or report source and destination to be disclosed to the parties concerned and not to disclose the contents to anyone other than the parties.

  Furthermore, it is possible to control items to be disclosed to users and training designers belonging to the normal organization located outside each pattern of the instruction command / report system by the emergency organization. For example, by setting the disclosure item to full disclosure, it is also disclosed to users of normal time organizations and training designers. Alternatively, it is also disclosed to the user of the normal organization by setting the normal organization to the disclosure destination. Thus, according to the management apparatus 10 of this embodiment, it becomes possible to manage appropriately the disclosure destination of the information handled by crisis response.

[System configuration, etc.]
Each component of each illustrated device is functionally conceptual and does not necessarily need to be physically configured as illustrated. In other words, the specific form of distribution / integration of each device is not limited to that shown in the figure, and all or a part thereof may be functionally or physically distributed or arbitrarily distributed in arbitrary units according to various loads or usage conditions. Can be integrated and configured. Furthermore, all or a part of each processing function performed in each device may be realized by a CPU and a program that is analyzed and executed by the CPU, or may be realized as hardware by wired logic.

  Also, among the processes described in this embodiment, all or part of the processes described as being performed automatically can be performed manually, or the processes described as being performed manually can be performed. All or a part can be automatically performed by a known method. In addition, the processing procedure, control procedure, specific name, and information including various data and parameters shown in the above-described document and drawings can be arbitrarily changed unless otherwise specified.

[program]
It is also possible to create a program in which processing executed by the management apparatus 10 according to the above embodiment is described in a language that can be executed by a computer. As one embodiment, the management apparatus 10 can be implemented by installing a management program for executing the above management process as package software or online software on a desired computer. For example, the information processing apparatus can function as the management apparatus 10 by causing the information processing apparatus to execute the management program. The information processing apparatus referred to here includes a desktop or notebook personal computer. In addition, the information processing apparatus includes mobile communication terminals such as smartphones, mobile phones and PHS (Personal Handyphone System), and slate terminals such as PDA (Personal Digital Assistants).

  In addition, the management device 10 can be implemented as a server device that uses a terminal device used by a user as a client and provides the client with services related to the management processing. For example, the management device 10 is implemented as a server device that provides a management processing service that receives a reference request for the instruction command / report information table 11f and outputs a disclosed item. In this case, the management apparatus 10 may be implemented as a Web server, or may be implemented as a cloud that provides a service related to the management process described above by outsourcing. Hereinafter, an example of a computer that executes a management program that realizes the same function as the management apparatus 10 will be described.

  FIG. 13 is a diagram illustrating an example of a computer that executes a management program. The computer 1000 includes, for example, a memory 1010, a CPU 1020, a hard disk drive interface 1030, a disk drive interface 1040, a serial port interface 1050, a video adapter 1060, and a network interface 1070. These units are connected by a bus 1080.

  The memory 1010 includes a ROM (Read Only Memory) 1011 and a RAM 1012. The ROM 1011 stores a boot program such as BIOS (Basic Input Output System). The hard disk drive interface 1030 is connected to the hard disk drive 1031. The disk drive interface 1040 is connected to the disk drive 1041. For example, a removable storage medium such as a magnetic disk or an optical disk is inserted into the disk drive 1041. For example, a mouse 1051 and a keyboard 1052 are connected to the serial port interface 1050. For example, a display 1061 is connected to the video adapter 1060.

  Here, the hard disk drive 1031 stores, for example, an OS 1091, an application program 1092, a program module 1093, and program data 1094. Each table described in the above embodiment is stored in the hard disk drive 1031 or the memory 1010, for example.

  Further, the management program is stored in the hard disk drive 1031 as a program module 1093 in which a command executed by the computer 1000 is described, for example. Specifically, a program module 1093 describing each process executed by the management apparatus 10 described in the above embodiment is stored in the hard disk drive 1031.

  Data used for information processing by the management program is stored as program data 1094 in, for example, the hard disk drive 1031. Then, the CPU 1020 reads the program module 1093 and the program data 1094 stored in the hard disk drive 1031 to the RAM 1012 as necessary, and executes the above-described procedures.

  Note that the program module 1093 and the program data 1094 related to the management program are not limited to being stored in the hard disk drive 1031, but are stored in a removable storage medium, for example, and read out by the CPU 1020 via the disk drive 1041 or the like. May be. Alternatively, the program module 1093 and the program data 1094 related to the management program are stored in another computer connected via a network such as a LAN or a WAN (Wide Area Network), and read by the CPU 1020 via the network interface 1070. May be.

  As mentioned above, although embodiment which applied the invention made | formed by this inventor was described, this invention is not limited with the description and drawing which make a part of indication of this invention by this embodiment. That is, other embodiments, examples, operational techniques, and the like made by those skilled in the art based on this embodiment are all included in the scope of the present invention.

DESCRIPTION OF SYMBOLS 10 Management apparatus 11 Storage part 11a User information table 11b Organization information table 11c User affiliation organization information table 11d Instruction command / report system information table 11e Disclosure control information table 11f Instruction command / report information table 11g Operation log information table 12 Control unit 12a Authentication Unit 12b storage unit 12c permission unit 12d registration unit 20 network 30 client terminal 40 mail server

Claims (7)

The instruction received when the instruction instruction or report specifying the combination of the issuing organization and the emergency organization of the other party is received from the user belonging to the emergency organization that issued the emergency response instruction or report. A storage unit that stores a command, a source of the report, a destination, and contents in a storage unit;
Of the instruction command or the report source, destination or content stored in the storage unit, the disclosure item preset according to the combination is the normal time preset according to the combination. A permission unit that permits reference by a user belonging to the disclosed organization including the organization of
A management apparatus comprising: The storage unit further stores, for each user, flag information for identifying whether the user belongs to an emergency organization member or a normal organization member,
The management device according to claim 1, wherein the permission unit permits the user to refer to the information according to the flag information.   The permission unit further notifies a user belonging to the organization of the disclosure destination that a source, a destination, and contents of the instruction command or the report are stored in the storage unit. Item 3. The management device according to Item 1 or 2.   The permission unit is configured to issue the instruction command or the report issuer at a predetermined time interval or when the instruction command or the report issuer, destination and content of the instruction command are stored in the storage unit. The management apparatus according to claim 3, wherein a user belonging to the disclosure destination organization is notified that the other party and the contents are stored in the storage unit.   The management device according to claim 3 or 4, wherein the permission unit notifies the disclosure item to a user belonging to the organization of the disclosure destination. A management method executed by a management device,
The instruction received when the instruction instruction or report specifying the combination of the issuing organization and the emergency organization of the other party is received from the user belonging to the emergency organization that issued the emergency response instruction or report. A storage step of storing the source of the instruction or the report, the other party and the content in the storage unit;
Of the instruction command or the report source, destination or content stored in the storage unit, the disclosure item preset according to the combination is the normal time preset according to the combination. A permission process for permitting reference by a user belonging to the disclosed organization including the organization of
A management method characterized by including The instruction received when the instruction instruction or report specifying the combination of the issuing organization and the emergency organization of the other party is received from the user belonging to the emergency organization that issued the emergency response instruction or report. A storage step of storing the source of the instruction or the report, the other party and the content in the storage unit;
Of the instruction command or the report source, destination or content stored in the storage unit, the disclosure item preset according to the combination is the normal time preset according to the combination. An authorization step for allowing reference by a user belonging to the disclosed organization including the organization of
A management program for causing a computer to execute.

Images