The invention discloses a full life cycle management-and-control method and system of an information safety risk. The method comprises that intelligence information of the safety risk is obtained; the intelligent type of the intelligence information is analyzed; according to the intelligence type, the intelligence information is standardized to generate standardized data of a predetermined format; the standardized data is analyzed to generate historical life-cycle information corresponding to the safety risk, and a frangibility vector is generated according to data stored in a safety risk information base; historical life-cycle information is analyzed to determine an amplification factor corresponding to the safety risk; and according to the frangibility vector and the amplification factor, the quantified frangibility of the safety risk is determined. Thus, calculation of the quantified frangibility via the historical life-cycle information is dynamic, and compared with a traditional static high-danger, intermediate-danger and low-danger leveling method, the method of the invention can be used to evaluate the frangibility caused by the asset safety risk more significantly.