Earticle

현재 위치 Home

Developing a Framework for the Implementation of Evidence Collection System : Focusing on the Evaluation of Information Security Management in South Korea

첫 페이지 보기
  • 발행기관
    한국정보기술응용학회 바로가기
  • 간행물
    JITAM 바로가기
  • 통권
    Vol.26 No.5 (2019.10)바로가기
  • 페이지
    pp.13-25
  • 저자
    Myeonggil Choi, Sungmin Kang, Eunju Park
  • 언어
    영어(ENG)
  • URL
    https://www.earticle.net/Article/A367334

※ 기관로그인 시 무료 이용이 가능합니다.

4,500원

원문정보

초록

영어
Recently, as evaluation of information security (IS) management become more diverse and complicated, the contents and procedure of the evidence to prepare for actual assessment are rapidly increasing. As a result, the actual assessment is a burden for both evaluation agencies and institutions receiving assessments. However, most of them reflect the evaluation system used by foreign government agencies, standard organizations, and commercial companies. It is necessary to consider the evaluation system suitable for the domestic environment instead of reflecting the overseas evaluation system as it is. The purpose of this study is as follows. First, we will present the problems of the existing information security assessment system and the improvement direction of the information security assessment system through analysis of existing information security assessment system. Second, it analyzes the technical guidance for information security testing and assessment and the evaluation of information security management in the Special Publication 800-115 'Technical Guide to Information Security Testing and Assessment' of the National Institute of Standards and Technology (NIST). Third, we will build a framework to implement the evidence collection system and present a system implementation method for the ‘6. Information System Security’ of ‘information security management actual condition evaluation index’. The implications of the framework development through this study are as follows. It can be expected that the security status of the enterprises will be improved by constructing the evidence collection system that can collect the collected evidence from the existing situation assessment. In addition, it is possible to systematically assess the actual status of information security through the establishment of the evidence collection system and to improve the efficiency of the evaluation. Therefore, the management system for evaluating the actual situation can reduce the work burden and improve the efficiency of evaluation.

목차

Abstract
1. Introduction
2. Analysis of Existing Information Security Situation
3. Evidence Collection System Framework Overview
4. Framework Analysis: Step-by-Step
5. System Implementation Method by Security Item of Information System
6. Conclusion
References

키워드

Evidence Collection System IS Management IS Assessment Evaluation of IS

저자

  • Myeonggil Choi [ College of Business and Economics, Chung-Ang University ]
  • Sungmin Kang [ Professor of MIS, College of Business Administration and Economics Chung-Ang University ] Corresponding author
  • Eunju Park [ Department of Business Administration, Chung-Ang University ]

참고문헌

자료제공 : 네이버학술정보

간행물 정보

발행기관

  • 발행기관명
    한국정보기술응용학회 [The Korea Society of Information Technology Applications]
  • 설립연도
    1999
  • 분야
    사회과학>경영학
  • 소개
    본 학회는 정보기술 관련 분야의 연구 및 교류를 촉진하여 국가 및 기업정보화 발전에 공헌함을 그 목적으로 한다.

간행물

  • 간행물명
    JITAM [Journal of Information Technology Applications and Management]
  • 간기
    격월간
  • pISSN
    1598-6284
  • eISSN
    2508-1209
  • 수록기간
    1999~2026
  • 십진분류
    KDC 005 DDC 005

이 권호 내 다른 논문 / JITAM Vol.26 No.5

    피인용수 : 0(자료제공 : 네이버학술정보)

    함께 이용한 논문 이 논문을 다운로드한 분들이 이용한 다른 논문입니다.

      출처 : 네이버학술정보

        0개의 논문이 장바구니에 담겼습니다.

        페이지 저장
        소속기관 조회
        이용자님의 소속기관(단체)이 서비스에 가입되어 있는지 확인해 보십시오.
        기관회원에 소속되어 있는 이용자는 원문을 무료로 이용할 수 있습니다.