̹ȸ â ̹ ü ȮѰ Ѵٴ ȸ ȭΰ ǰ ִ. ̸ Ѱ ִ 簡 Ȳ̴. ̹ ֺ 8ȸп CISO(Chief of Information Security Officer: ȴ ̻) ʿ伺 ϰ CISM ڰ ؼ Ұϴ ð ϰڴ. ڴ IT ()Ű åƮ. < >
[ ]
CISM Ұ
CISM 迵: ȰŹͽ
CISM 迵:
CISM 迵: α
ISMS(Ȱü)
CISM(Certified Information Security Manager; ) 並 ѷҴ. Źͽ ITŹͽ ϰ 濵 ̻ȸ å εǴ Źͽ CISM, IT CISO(Chief of Information Security Officer: ̻) Ȥ CSO(Chief of Security Officer: ̻) Ͽ Ҵ. ̷ CISM ڰݽ 5 迵 ̹ ȣ ϳ 캽ν ITŹͽ Ȯ CISM ѹ ٰ ϰڴ.
CISM 1 Źͽ
ISACA (Information System Audit & Control Association) ITGI(IT Governance Institute) Źͽ 濵 ϴ 濵 ̻ȸ ϴ åӰ ̸ 濵ǥ ϴ ϰ ϰ ϸ ڿ å ְ ǰ Ȯϴ Ͽ. Ǵ ITŹͽ 5 뿡 ̶ ִ.
濵 Ͽ ǹ ̾ ȿ Źͽ Ͽ ǥϿ. ̸ ġ (Components of Security Metrics) ϴµ 濵 ̻ȸ ǹ å ̴ ݵ 跮ȭ Ǿ ġ Ÿ мǾ Ѵ.
Źͽ 8 Ȱ(Task Statement) ȭ (Knowledge Statement) Ǿ ִ. Ȱ
Task 1.1 Ͻ ǥ ϴ
Task 1.2 Źͽ
Task 1.3 ȣ ڸ ִ Ͻ ̽
Task 1.4 ȿ ġ Կ ĺ
Task 1.5 ġ ĺ (, ȯ, , ġ)
Task 1.6 ȿ 濵 ȹ
Task 1.7 ݿ Ұ å
Task 1.8 ϴ ܺ Ȱ
CISM
濵 ̲ ִ° CISM Ѵٸ ̴. ġ Ȱ ¿ νᡱ, νᡱ, Ÿ ʸ ־ νᡱ ̴. 1 ȣ Źͽ ٽ Ͻ Ŵνᡱ 濵 ̲ ִٶ õǴ ̶ ϰ ʹ.
CISM 迵 1 ȣ Źͽ 캸Ҵ. ؾ ϴ ü ߿ ̶ ٴ ʿϴٴ ⺸ ߿ϴٰ ϰڴ.
ڼ http://www.isaca.or.kr/Ȥ http://www.lyzeum.com/ ãƺ ִ.
ڷ ó
http://www.isaca.org/
http://www.isaca.or.kr/
http://www.lyzeum.com/
Information Security Governance-Guide for BOD & Executives, ITGI, 2004
Information Security Governance, ITGI, 2008
CISM Review Manual, ISACA, 2006~2008
CISM Review Questions/Answer/Explanations Manual, ISACA, 2008
-:
-IT ()Ű åƮ
-б п а
-()ѱý ȸ ISACA GRA ȸ
-ѱ CISSP ȸ ISC2 Korea а
-CISM, CGEIT, CISA, COBIT, CISSP, PMP, ITIL, CIA, IT-EAP, ISO 27001 ý
ۡ(CISM, CGEIT, CISA, COBIT, CISSP, PMP, ISO27001, CIA, ý۰) / josephc@chol.com
[ α (reporter21@boannews.com)]