• The Korean Journal of Archival Studies
• /
• no.27
• /
• pp.119-168
• /
• 2011

This paper proposed risk management approach as a self-audit framework to achieve the goals which might be common among the records management organizations in Korea governmental and public area. After introducing the history and the concept and process of risk management approach and examining DRAMBORA's framework, the processes and the methods of risk management for the electronic records which are customized from DRAMBORA are explained in details: How to define the business context of organizations, how to determine the business functions and activities and related risks, how to assess the level or severity of each risks and some considerations related to risk assessment. As a result, this paper shows that application of DRAMBORA's framework to the electronic records management organizatioins is not only possible but also useful and effective. The critical point for the success of application for DRAMBORA's framwork or the risk management approach itself each organizations which wants to accept that framework should define its own business functions and activities and the goals in respect areas.

• The Journal of the Convergence on Culture Technology
• /
• v.9 no.6
• /
• pp.789-793
• /
• 2023

Evalution of counter drone systems is conducted in order to designate plausible countermeasues against possible drone threats, assess the level of safety of national major facilities and derive complementary measures for detected weakness. Recently drone threats by North Korea have heavily impacted ROK(Republic of Korea) people and it has been stronly stressed to build efficient counter drone system for make the society protected and secured against drone threats. The researchers has conducted field investigations for some of national major facilites. There is, however, no standardized evaluation checklist, so we have proposed an evaluation checklist for counter drone systems though thinking process of RMA(Revolution in Military Affairs). This paper is to introduce the evaluation checklist for properly diagnosing each counter drone system.

• Information and Communications Magazine
• /
• v.16 no.3
• /
• pp.74-84
• /
• 1999

'99년 말까지 2000년 문제를 해결하지 못하는 경우 국가사회 전반의 정보체계에 혼란이 초래될 수 있다. 이런 이유로 범 국가적 차원에서 연도표기 문제에서 발생할 수 있는 2000년 문제에 대한 현황 파악 및 대책 수립을 위하여 국무총리실 주관의 '통신시스템 2000년 연도표기문제 대책 협의회'를 구성하여 체계적으로 추진 한바 있다. 또한, 앞으로 약 200일 정도 남은 현 시점에서 2000년 문제가 사회에 발생함 으로서 심대하게 영향을 미치는 공중망을 이용한 음성 및 데이터 통신시스템에서의 2000년 문제를 재조명해 보고 이 분야에 만전을 기하기 위하여 그간 추진하였던 2000년 문제 점검 방법, 점검 항목 및 개량 개선 일정 등을 정리 제시 하였고, 또한 2000년 문제 발생 가능성 등을 사전 진단하기 위해 관련 기관과 합동으로 현장 점검한 음성과 데이터통신시스템의 주체가 되는 전화 교환기 및 통신처리시스템의 상세 점검 사항을 살펴 보고자 한다.

• Review of KIISC
• /
• v.20 no.6
• /
• pp.73-87
• /
• 2010

정신한은행은 '10년 1 월부터 6월까지 약 6개월 동안 "위험관리 기반의 침해사고 조기 대응체계 구축" 프로젝트를 수행하여 침해 시도 조기 탐지 및 대응을 위한 "침해사고 조기 경보 시스템" 및 "침해 사고 대응 프로세스 전산화"와 침해 사고의 사전 예방 강화를 위한 "정보시스템 상시 취약점 점검 체계"를 모두 하나의 프레임웍으로 묶어 통합 구축하였다. 신한은행은 이를 통해 내부망 및 인터넷 서비스망에 대해서 이마 알려진 네트웍 침입 패턴뿐만 아니라 네트웍 트래픽 전반에 대한 모니터링을 대폭 강화하여 기존 침입탐지 시스템이나 디도스 대응 시스템 등에서 탐지가 불가능했던 신종 침입 유형이나 소규모 디도스 공격 트래픽도 자동화된 탐지가 가능하게 되었다. 그리고 탐지된 침입시도의 유행 및 위험 수준에 따라서 사전 정의된 침해사고 대응 프로세스를 통해, 정보보안 담당자가 관련 부서 및 경영진의 요구사항에 각각 최적화된 전용 상황 모니터링 화면을 공유하며 침해사고를 효과적으로 공동 대응할 수 있게 되었다. 또한 정보시스템 전반에 대하여 상시 취약점 점검을 실시하고 그 점검 결과를 데이터베이스로 구축하고 정보시스템의 위험 수준에 따른 체계화된 대응 방안을 수립할 수 있게 되었다. 신한은행은 금번 구축된 시스템을 정보보안 영역 전반으로 확대하여 동일 프레임웍에서 위험관리 기반의 내부 정보 유출 체계를 구축하고, 향후 그룹사에도 확대 적용하여 전체 그룹사의 보안 수준을 제고하는 데 활용할 계획이다. * 금번 구축 사례에서 소개된 침해사고 조기 대응체계는 구축 완료 시점에 사내 명칭 공모를 통해 "Ageis"로 선정되었으며, 본 사례에서도 전체 시스템을 가리킬 때 Ageis로 지칭한다. Aegis는 그라스 신화에서 Zeus 신이 딸 Athena 신에게 주었다는 방패로서 보호, 후원, 지도 등의 뜻을 가지며, 이지스 또는 아이기스 라고 발음된다.

• Journal of Convergence for Information Technology
• /
• v.11 no.12
• /
• pp.1-13
• /
• 2021

This study tried to suggest ways to improve the indicator system to strengthen the personal information protection. For this purpose, the components of indicator system are derived through domestic and foreign literature, and it was selected as main the diagnostic indicators through FGI/Delphi analysis for personal information protection experts and a survey for personal information protection officers of public institutions. As like this, this study was intended to derive an inspection standard that can be reflected as a separate index system for personal information protection, by classifying the specific IT technologies of the 4th industrial revolution, such as big data, cloud, Internet of Things, and artificial intelligence. As a result, from the planning and design stage of specific technologies, the check items for applying the PbD principle, pseudonymous information processing and de-identification measures were selected as 2 common indicators. And the checklists were consisted 2 items related Big data, 5 items related Cloud service, 5 items related IoT, and 4 items related AI. Accordingly, this study expects to be an institutional device to respond to new technological changes for the continuous development of the personal information management level diagnosis system in the future.

• Journal of the Society of Disaster Information
• /
• v.19 no.3
• /
• pp.597-607
• /
• 2023

Purpose: The Ministry of Employment and Labor has been working hard to ensure the safety of workers due to heavy rain during natural disasters as the responsible ministry in charge of preventing industrial accidents and health problems for workers. Accordingly, the Ministry of Employment and Labor intends to analyze actual cases of responding to heavy rain disasters and suggest ways to improve the response system. Method: An emergency response system implemented to respond to heavy rain disasters with an internal expert group composed of those in charge of disaster work at headquarters, local government offices, and Korea Occupational Safety and Health Agency, and an external expert group composed of professors, consulting representatives, and disaster managers from other ministries. Contents on self-inspection by industry, workplace inspection, use of serious siren, safety management and restoration work guidance were reviewed. Result: First of all, it is necessary to check the regular contact system from time to time, and it is also necessary to prepare and distribute detailed self-checklists for each industry. In addition, it is necessary to check the implementation of self-inspection when inspecting workplaces, and it seems necessary to have measures to increase the readability of information notified through serious disaster sirens. In addition, since safety work is done in the form of a contract, it seems necessary to prepare specific safety guidelines. Conclusion: In order to protect the lives of workers due to seasonal harm and risk factors, unlike the passive coping methods of the past, abnormal weather should not be regarded as an unexpected situation, and it should be actively and preemptively responding beyond the conventional framework.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.8 no.2
• /
• pp.1-11
• /
• 2018

Recently ICT, new technologies such as IoT, Cloud, and Artificial Intelligence are changing the information society explosively. But personal information leakage incidents of consignee's company are increasing more and more because of the expansion of consignment business and the latest threats such as Ransomware and APT. Therefore, in order to strengthen the security of consignee's company, this study derived the checklists through the analysis of the status such as the feature of consignment and the security standard management system and precedent research. It also analyzed laws related to consignment. Finally we found out the relative importance of checklists after it was applied to proposed AHP(Analytic Hierarchy Process) Model. Relative importance was ranked as establishment of an internal administration plan, privacy cryptography, life cycle, access authority management and so on. The purpose of this study is to reduce the risk of leakage of customer information and improve the level of personal information protection management of the consignee by deriving the check items required in handling personal information of consignee and demonstrating the model. If the inspection activities are performed considering the relative importance of the checklist items, the effectiveness of the input time and cost will be enhanced.

• 전기의세계
• /
• v.60 no.8
• /
• pp.24-27
• /
• 2011

• 보일러설비
• /
• no.11 s.154
• /
• pp.98-103
• /
• 2006

• Korean Journal of Construction Engineering and Management
• /
• v.20 no.2
• /
• pp.13-27
• /
• 2019

While temporary construction work applies to a temporary facility, it has a high use frequency during the construction period accounting for around 10% of the construction cost, it requires systematic management. However, construction inspection information of temporary construction work often has no special specification in the design documents and specification items, with the items on various standards also being formidable. Because of this, related inspection are likely to be performed inefficiently with a high probability for occurrence of human errors when quality inspection is conducted for the temporary construction work. In the present study, therefore, apply to the electronic operation support system capable of supporting implementation of inspection of providing related information for the contemporary construction work. To achieve this, a prototype is developed by using IDEF0 to identify information flow by process and organizing EPSS-based quality inspection Task. And then, efficiency of the quality inspection and information accessibility for temporary construction work are to be improved by verification method of Sample Project.