• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.13-19
• /
• 2010

The flow of time, depending on the company's ongoing business link to guarantee the proportion of much greater importance, it in the organization as part of an enterprise-wide level, rather than acting on the information society has been considered as the topic of race. Information Security Governance, the integrity of the information, service continuity, the three kinds of information asset protection purpose begins. It is essential for corporate governance, transparency should be part, must be aligned with the IT framework. Existing information security governance framework that small businesses a wide range of governance issues and interests have never had. Therefore, we simplified the information security governance framework is proposed, and solve problems, and propose a framework for analysis of the safety and efficiency through the analysis of the effectiveness of the proposed method were discussed.

• Journal of the military operations research society of Korea
• /
• v.34 no.2
• /
• pp.175-191
• /
• 2008

The Korean military is aware that EA(Enterprise Architecture) is an important tool for transforming national defense and building Korean NCW, being developing the Ministry of National Defense Enterprise Architecture(MND-EA). However, unlike the importance of MND-EA, they are building MND-EA without the explicit EA governance system Many researchers have emphasized that it is difficult to develop the useful EA without EA governance. In this study, we present the EA governance framework for implementing the effective MND-EA. Through the investigation of the state of EA development and EA governance of home and abroad public institutions, we recognize the importance of EA governance, identifying the EA governance components. We set up the basic governance model consisted of principle, organization and process, designing the MND-EA governance framework by mapping the model to governance scope and target. The proposed governance framework provides direction for explicit and formal MND-EA governance system.

• Journal of Digital Convergence
• /
• v.17 no.8
• /
• pp.89-94
• /
• 2019

Due to the limitations of public and private blockchain, several organizations are implementing consortium blockchain systems. In order for an organization to conduct business using blockchain, it must consider 'blockchain governance' factors, such as decision rights, accountability and incentives over on-chain and off-chain, depending on the organization's strategy and objectives. If an organization conducts business without blockchain governance, it cannot achieve its strategy and objectives systematically, effectively and efficiently, and cannot comply with internal external requirements such as the expectations of stakeholders and laws. However, as businesses using consortium blockchain expand, there is no research on consortium blockchain governance. Thus, in this study, the consortium blockchain governance framework, including functions, roles and responsibilities, was developed to help organizations effectively and efficiently conduct business using consortium blockchain. In addition, to review the feasibility of the developed consortium blockchain governance framework, the framework was reviewed through an advisory committee consisting of experts on blockchain and governance over two occasions. As a result of the review, components of the consortium blockchain governance framework, including functions, roles and responsibilities, were considered complete and relevant.

• KIPS Transactions on Software and Data Engineering
• /
• v.7 no.10
• /
• pp.367-376
• /
• 2018

University IT center usually has led IT system and headquarters have been working as a separate organization. If we apply the governance framework that is unique to the university system for IT governance in university IT project, IT transparency and efficiency are increased, and IT is no longer a simple tool but a university IT governance it will be stabilized. To improve existing problems, UCC was developed a unique framework of university organization based on CobiT Cube. So it can use effectively University IT on various side. I propose a method that can be applied to university information system sequentially through UCSP spiral process so that information service is classified into 5 areas and process is gradually applied.

• Journal of Internet Computing and Services
• /
• v.20 no.4
• /
• pp.63-72
• /
• 2019

As a sub-concept of corporate or organization governance, business governance and IT governance have become major research topics in academia. However, despite the importance of process as a construct for mediating the domain between business and information technology, research on process governance is relatively inadequate. Process Governance focuses on activities that link business strategy with IT system implementation and explains the creation of corporate core values. The researcher studied the basic conceptual governance models of political science, sociology, public administration, and classified governance styles into six categories. The researcher focused on the series of metamodels. For examples, the traditional Strategy Alignment Model(SAM) by Henderson and Venkatraman which is replaced by the neo-SAM model, organizational governance network model, sequential organization governance model, organization governance meta model, process governance CUBE model, COSO and process governance CUBE comparison model, and finally Process Governance Framework and etc. The Major difference between SAM and neo-SAM model is Process Governance domain inserted between Business Governance and IT Governance. Among several metamodels, Process Governance framework, the core conceptual model consists of four activity dimensions: strategic aligning, human empowering, competency enhancing, and autonomous organizing. The researcher designed five variables for each activity dimensions, totally twenty variables. Besides four activity dimensions, there are six driving forces for Process Governance cycle: De-normalizing power, micro-power, vitalizing power, self-organizing power, normalizing power and sense-making. With four activity dimensions and six driving powers, an organization can maintain the flexibility of process governance cycle to cope with internal and external environmental changes. This study aims to propose the Process Governance competency model and Process Governance variables. The situation of the industry is changing from the function-oriented organization management to the process-oriented perspective. Process Governance framework proposed by the researcher will be the contextual reference models for the further diffusion of the research on Process Governance domain and the operational definition for the development of Process Governance measurement tools in detail.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.5B
• /
• pp.777-784
• /
• 2010

In modern information society, the necessity arose of having to manage overall information technology as information technology is introduced to companies and public organizations while the necessity of joining the goals of business and IT is increasing. Also, there has been an increase in organizations which are preventing the overlapping of IT investigations and pursuing ROI. Hereupon, many developed companies created the concept of IT governance. IT governance indicates the structure and dynamic behavior of companies' business and the structural affecting factors influencing IT, and this is expressed as business, the business & IT related committees and departments inside and outside, the framework representing their relationship and range of activity, organizational diagram and process composition. Intermingled with such external factors, the reestablishment of defense IT governance in order to reach the vision and goal of our current military defense has become a requirement. This study aims to describe core strategy for building defense IT governance framework. In order to support these claims, the comprehensive IT governance and information technology are mentioned, domestic and overseas military cases are analyzed, and core strategy for building defense IT governance framework is analyzed as well.

• Review of KIISC
• /
• v.17 no.4
• /
• pp.18-25
• /
• 2007

정보보호는 더 이상 기술적 이슈가 아니고 최고경영층의 적극적 역할 수행 및 책임을 요구하는 정보보호 거버넌스 이슈가 최근 대두되고 있다. 본 논문에서는 정보보호 거버넌스의 출현 배경과 필요성에 대해 간단히 기술하고 정보보호 거버넌스의 프레임워크를 제시한다. 그리고 정보보호 거버넌스 구현을 위한 주요 분야를 제시하고 이와 관련한 기존 연구의 한계점을 분석하면서 향후 해결되어야 할 연구과제를 제시한다.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.5
• /
• pp.179-186
• /
• 2019

Information system audit, which provides effective diagnosis and inspection of IT governance, is applied to all aspects from planning to development and operation. However, there is a difficulty in carrying out the audit because the system for the specialized university IT project is not developed. Therefore, it is necessary to set the internal system as the audit-based application framework in order to apply it to university IT governance. In this paper, we propose a audit-based application framework of university information system developed for university. The framework has a difference from the existing audit system. By using this framework, it is possible to present a standard for the university IT project and easily approach and use it in the field. And it can be used for direct audit through this framework in the level of the auditor as well as the HQ admin. The framework categorizes the audit into three major dimensions and suggests a method that can be applied to the university information system audit through the UAFP(University Audit Framework Process) and quality assurance.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.8
• /
• pp.323-330
• /
• 2019

In order to improve the level of the IT organization, CMMi played a lot of roles in improving the IT efficiency and quality step by step. In a university organization if you use a customized IT governance framework for the concept of CMMi, it will be a university IT governance to realize the vision of the university. In this paper, we propose Staged Framework for the university developed for applying to university with reference to this staged model of CMMi. The university has applied its own process step by step and it can be uses in the university field. So it can be applied to university IT plan and budget in compliance with not only the person in charge of IT service center but the person in charge of university headquarters. The staged framework is classified into the maturity and process of university IT project and suggests ways to apply it to the improvement of university IT system levels.

• Journal of Intelligence and Information Systems
• /
• v.29 no.1
• /
• pp.353-376
• /
• 2023

The global pandemic and the development of virtual and augmented reality technologies have led a metaverse boom that enables a lot of interactions in virtual worlds, and is being utilized in various fields such as business, government, and education etc. Despite the growing interest in the metaverse, its scope and definition are still unclear and the concept is still evolving, making it challenging to establish its governance. Governmental entities are also investing intensively in public metaverses to make public value and promote social welfare, but they are underutilized due to lack of systematic governance. Therefore, in this study, we propose a public metaverse governance framework and identify the relative importance of the factors. Furthermore, since a public metaverse should be accessible to anyone who wants to use, we explore the factors of shadow work and examine the ways to minimize it. Based on the socio-technical system theory, we derived public metaverse governance factors from previous literature and topic modeling and then generate a framework with 23 factors through expert interviews. We then tested relative priority of the factors using the analytic hierarchical process (AHP) from the experts. As a result, the top five overall rankings are: 'roles and responsibilities', 'standardization/modularization', 'collaboration and communication', 'law and policies', and 'availability/accessibility'. The academic implications of this study are that it provides a comprehensive framework for public metaverse governance, and then the practical implications include suggesting prioritized considerations for metaverse operations in the public sector.