   [] ȣ Źͽ - (ȴ, 2011.2.24)   2013.11.27

ȣ, ߿ ÷


(alignment) ϰ ϴ١ ̴. ϸ 翬 ٴ ̴. ұ? Į 񿡼 ֵ ȣ ־ Ѵٴ ̴.

(Strategic Alignment)
ǥ ޼ϱ ü ȹ Ƴ ̴. ȣ ؾ Ѵٴ ʹ θ ؼؼ ڵ鿡 ̴. Ư ȣ Źͽ ߵϰ ִ ǿ  ü ִ ȣ ڵ鿡Դ ִ.

׷ٸ ڵ ٽ ѹ 鿩 ? ϴ ȣ ڷ ϸ鼭 ѹ ٰ ̴. 濵ȯ濡 Ƴ ִ. ⼭ ο . 鼭 ȣ Ȥ ̶ ִ°? ̷ ִٸ ȣ ϴ ȣ ü ̰ ̿ İ ãƺ ȣ Ȥ ̶ .


ȣ μ ϳε ν ִ. Ϲ ִ Ӿ ΰ üȭϴ ȹ̴. ̷ ޼Ǿ߸ ӱ(going concern) Ģ Ǿ ϴ ̴. 
                                                             
׷ ޼ ϰ ִ ڻ ȣ   ̷ ȣ μ ϰ Ѿ ϴ ̴.


Ư 츦 ϰ ޿ 󿩱 ޴ ̶ Ѵٸ ȣ ü ȸ δ ̴. ȣ ƴ϶, ȣ μ ü ϰ Ű ȣ ڳ 䱸 ּ ϴ ڸ ̴.

 

ȿ(Cost-effectiveness)

޼ϱ ؼ ȣ Ǿ ȣ Ǿ ϴµ ̶ ȿ̶  ߿ϴ. ϰ ϴµ Ǵ ڱݾ ϴ ̴. ȿ̶ ޼ߴĸ Ѵ. ؼ ؼغ ޼ ؼ ȣ ̷µ ּ 鼭 ȣ ߴĴ ̴. ưԵ ǥѴ.


ü ǥ 䱸(Business Objective and Requirement)

ȣ ȿ̶ Ƿ 켱 ȿ Ǻϰ ϴ ־ Ѵ. ȿ ޼Ǿٴ ε ޼Ǿ ˱? ǥ Ȥ 䱸 Ȯؾ ȣ ڴ ȣ ǥ ü ִ. ü ȣ ǥ ־ ȭ ߴ ִ.

κ ǥ Ȯ ϸ鼭 ȣ 䱸 и 찡 . ù° ڳ ȣ μ ˾Ƽ ֱ⸦ ٶٴ ̴. ΰ̳ ̵ ƴϰ ˾Ƽ . ° 䱸׿ ȣ ڰ ޾Ƶ̴  ٸٴ ̴. ȣ μ ӿ ȣ ̻ ȸǴ ٸ  ϱ ֱ⿡ ְ ޴ Ȯ ϱⰡ ƴ.

ȣ 䱸 Ͻ (Business Language)

տ ȣ ǰ ϱ ؼ ȣڴ ˾Ƽ ֱ⸦ ٶ ü 䱸 ϱ ð ؾ Ѵ. Ȯ 䱸 Ǿ װ ִ.


ε ȣ Źͽ(Information Security Governance) ô뿡 Źͽ Ե ̶ ȣ ؿ ر ǻ CISO(Chief of Information Security; ȣ ̻) ƴ 濬 ̻ȸ å ̴.

濬 ̻ȸ ȣ 翬 ƴϴ. ׵ 濵 ̴. ׷Ƿ CISO̵ ȣ ̵  ƴ 濵 ǻؾ Ѵ. Ͻ , 濵 ؾ 濵 ϴ ǵ ˾Ƶ ִ ̴.

    

    Ͻ  ǻ


踦 Ÿ ǥ(Indicators)

׷ٸ ȣ ٷ Ÿ ǥ 캸 Ʒ .

ȹ ü Ͻ Ȱ Ÿ Ѵ.

ȣ Ͻ 䱸׿ ؼ Ѵ.

ǥ ȣ ǥ ȣ ȣ Ȱ ǵǰ صž Ѵ.

ȸ(Information Security Steering Committee) ǰ ̻ȸ 濵 ޾ƾ Ѵ.

ϻȰ κ Ģ̳ ȣϰ ȴ. ̵ ܿ£ Ű  ͳݿ 鿡 .  ϴ. ְ ԰ ; Ű ̿  ϸ ȿ ñϱ ̴. ϻȰ ְ ȿ ̷ õ ֱ ̴. ȣ ̿ ٸ ʴ. ȣ Źͽ ϱ ؼ ȹ ־ Ѵ. ȹ ȣ μ ȹ ļ ȵǸ иǾ ȴ.

ȣ Źͽ ù ° ޼ϰ ϴ ٷ Ǿ߸ Ѵ. ȣ μ ̱⵵ ϴ. Į ؼ ȣ θ ߿ ø ȸ DZ⸦ ٶ.

[ _ ITáIT ߾̿ ̻(josephc@chol.com)]

ISACA, ȸ 缱(ũ, 2011.2.10)
Źͽ ô...ȣ Źͽ ָؾߡ (ȴ, 2011.2.25)