http://dx.doi.org/10.3745/KIPSTD.2007.14-D.3.303

The research regarding an information system risk management process characteristics  

Kim, Tai-Dal (Department of Computer Science, Chungwoon University)
Lee, Hyung-Won (MetaRisk Co., Ltd.)
Abstract
Information system failures have various causes, ranging from simple software errors to inadequate program testing and a lack of physical facilities for damage prevention. Although the cause may be trifling, the result can be vast damage. Recently it has become difficult to solve this problem with a simple external security system alone. Establishing comprehensive countermeasures and responding appropriately to risk have now become necessary from the viewpoint of the enterprise's information technology as a whole. Accordingly, this paper studies the characteristics needed to model an integrated Risk Management System that can control the various information, systems and data inside and outside the organization and cope with the risks that can arise there, taking into account the integrity, availability and confidentiality of IT resources within the organization.
Keywords
ERM (Enterprise Risk Management); NMS (Network Management System); SMS (Server Management System); CMS (Change Management System); ESM (Enterprise Security Management); ERDB (Enterprise Risk Database); ITRMS (Information Technology Risk Management System); CM (Configuration Management); BPM (Business Process Management); BI (Business Intelligence)