Browse > Article
http://dx.doi.org/10.6109/jkiice.2022.26.4.582

Proposal of ISMS-P-based outsourcing service management method through security control business relevance analysis  

Ko, Dokyun (Graduate School of Information Security, Sejong Cyber University)
Park, Yongsuk (Graduate School of Information Security, Sejong Cyber University)
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.26, no.4, 2022 , pp. 582-590 More about this Journal
Abstract
As security threats caused by cyber attacks continue, security control is mainly operated in the form of a service business with expertise for rapid detection and response. Accordingly, a number of studies have been conducted on the operation of security control services. However, due to the research on the resulting management, indicators, and measurements, the work process has not been studied in detail, causing confusion in the field, making it difficult to respond to security accidents. This paper presents ISMS-P-based service management methods and proposes an easy outsourcing service management method for client by checklisting each item derived from the mapping of 64 items of ISMS-P protection requirements through business relevance analysis. In addition, it is expected to help implement periodic security compliance and acquire and renew ISMS-P in the mid- to long-term, and to contribute to enhancing security awareness of related personnel.
Keywords
Information Security Consulting; Security Control; ISMS-P; Outsourcing; Business Area;
Citations & Related Records
연도 인용수 순위
  • Reference
1 T. S. Yoon and Y. S. Park "Establishment and Effectiveness Analysis of Emergency Vehicle Priority Signal Control System in Smart City and Directions for ISMS-P Technical Control Item Improvement," Journal of the Korea Institute of Information and Communication Engineering, vol. 25, no. 9, pp. 1166-1175, Sep. 2021.   DOI
2 T. J. Ko, (2017, june). Trade scam, Have you ever heard of scams?. joseplus. Available: https://www.joseplus.com/news/newsview.php?ncode=1065590650621360
3 S. H. Kim, (2016, April). The internal assistant for civil service exam preparation students was the Ministry of Personnel Management and Innovation. hankookilbo. Available: https://www.hankookilbo.com/News/Read/201604080475235837
4 KISA, "ISMS-P Certification Standard Guide", 2019.
5 E. S. Lee, "A Study on Enhancing Security Management of Outsourcing for Information System Establishment and Operation," Ph. D. dissertation, Korea Polytechnic University, 2020.
6 J. W. Moon, "An Empirical Study and Designing of Security Level Quantify Model for ICT Outsourcing," M. S. theses Sangmyung University, 2015.
7 S. K. Yeon, D. H. Sin, and N. R. Park, ISMS-P Certification Practice Guide Considering Cloud Environment, Seoul, Acorn Pub., 2020.
8 J. H. Kim, "A Study on Measurement Indicator of Outsourced Security Monitoring and Control Level in Public Organizations," Ph. D. dissertation, Soongsil University, 2014.
9 J. M. Lee, "An Empirical Study on the Auditing Methods for Outsourcing of Security Monitoring & Control," M. S. theses, Konkuk University, 2013.
10 J. S. Park, "A Study on Detailed Work Items of Security Monitoring and Control Services," M. S. theses, Dongguk University, 2014.
11 K. H. Lee, (2021, octorber). [KT's Internet is messed up] A human-made disaster who destroyed common sense... The government was also perplexed. bloter. Available: https://www.bloter.net/newsView/blt202110290193newsview.php?ncode=1065590650621360