• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.197-209
• /
• 2015

The issue of information security within an organization began to be recognized as risk of the organization. Because of this, not only ISO(Information Security Officer) but an executive or CEO were forced to resign. In addition, it brought about heavy financial damage to the company and made the company difficult to restore trust to customers. At a time when inadvertent disclosure of personal information has become accepted as a matter of survival because of having a bad effect within an organization, how the information security specialist causes influence on information protection level of the organization. For these reasons, targeting the information security specialists of various industry sectors, we'll analyse how task performance rate of the information security specialist within an organization cause influence to the information security level. The goal of this study is for the company to raise the task proportion of information security specialist and to improve the information protection level of the organization.

• Journal of KIISE:Software and Applications
• /
• v.37 no.9
• /
• pp.687-693
• /
• 2010

Information Technology Service Management (ITSM) System has been adopted and operated by many governments and public institutions to intensify their global competitiveness. Recently these organizations are facing many problems because of the increased demands and complexity of Information Technology (IT) service. Especially, difficulty with ITSM gets bigger and bigger because of increasing IT outsourcing. An expectation regarding ITSM is grown up when facing to solve problems. Therefore, this study suggests effective alternatives about ITSM organization structure for public sectors. The ITSM organization structures changes from traditional structures based on functions to new structures based on its goal, customer, and its process. In other words, ITSM organizational structure can be composed of Service Strategy directorate, Service Design directorate, Service Transition directorate, Service Operation directorate, and Service Improvement directorate. To ensure the effectiveness and the professionalism of ITSM in an organization, this paper specifies the roles of participants and the responsibilities for each unit. The proposed ITSM organization structures will be useful for public sectors.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.3
• /
• pp.137-147
• /
• 2011

In this study, an analysis was conducted to investigate the process how information technology(IT) quality affects organizational performance. Acquisition of IT by itself is not sufficient for the improvement of organizational performance, which additionally requires the operations activity using IT to meditate between IT and organizational performance. This study classified the IT quality into functional quality and operational quality. The functional quality is defined as intrinsic characteristics of IT itself while the operational quality is defined as effective support of IT for organizational management activities. Our research model proposed that the functional quality has indirect effect meditated by the operational quality on organizational performance. The statistical test using structural equation modelling in empirical research showed insignificant direct effect and significant indirect meditation effect of the functional quality on organizational performance via the operational quality. This paper concludes with contribution of this study, managerial implication of the research findings and further research issues.

• Journal of Korea Society of Industrial Information Systems
• /
• v.26 no.3
• /
• pp.23-39
• /
• 2021

Investment of organization in information security is increasing, but information security threats within the organization are not decreasing. The purpose of this study is to suggest a direction to increase the information security compliance intention of employees. In detail, the study presents the positive effects of security motivation and organization trust on the information security compliance intention, and presents the moderating effect of work promotion focus. Research model and hypothesis verification are confirmed through structural equation modeling and the study conducted a questionnaire technique to the employees of the organization applying the information security policy for quantitative verification. As a result, information security punishment and value congruence had a positive affect on the compliance intention by mediating organization trust. In addition, work promotion focus had a moderating effect on the positive relationship between the precedent factors on the compliance intention. The research has academic and practical implications from the viewpoint of presenting the factors of the organization's efforts to improve the level of information security compliance by insiders.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.3
• /
• pp.575-590
• /
• 2022

Recently, organizations are increasing their investment to protect information resources from information security(IS) threats through the adoption of IS policies and technologies. However, IS incidents occur in a variety of ways, such as intrusions from outside the organization and exposure to the inside. Our study presented the negative effects of IS role stress on organizational insiders and suggested factors from the organizational and individual perspectives for mitigating IS role stress. We conducted a survey on employees of companies that introduced and applied IS policies to their work and tested the hypothesis using 329 samples. As a result, IS organization justice reduced IS role stress and strengthened IS positive psychological capital, thereby affecting the IS compliance intention of employees. Also, IS positive psychological capital moderated the relationship between IS stress and IS compliance intention. This study contributes to the achievement of internal IS goals by suggesting the conditions that affect the IS compliance behavior of employees in terms of the organizational environment and individual characteristics

• Journal of the Korean Society for information Management
• /
• v.28 no.3
• /
• pp.47-64
• /
• 2011

This study analysed the librarian competencies and job type to identify the present state of required librarians and to suggest the direction for education in the organization of information. As the result of investigation 278 job announcement, the traditional qualifications and the knowledge of new standard and S/W related electronic resources are required. The job type divided between cluster for the traditional demands and cluster for electronic resources and information technology. It proposed the expansion of education related electronic resources and information technology, the balance of theory and practice, and the adoption of new teaching method for education in the organization of information.

• Journal of Digital Convergence
• /
• v.16 no.3
• /
• pp.225-236
• /
• 2018

Organizations continue to invest in the security of information technology as a means to be more competitive than others in their industry do. However, there is a relatively lack of interest in the information security compliance of employees who implement information security technologies and policies of organization. This study finds mechanisms for enhancing security compliance by applying theory of planned behavior, justice theory, and motivation theory in information security field. We use structural equation modeling to verify the research hypotheses, and conducted a survey on the employees of organization with information security policy. The results showed that organizational justice, sanction, and organizational identification affect the factors of the planned behavior theory and affect the employee's compliance intention. As a result, this research suggested directions for strategic approach for enhancing employee's compliance intention on organization's security policy.

• KIPS Transactions on Computer and Communication Systems
• /
• v.3 no.9
• /
• pp.301-310
• /
• 2014

The absence of proactive information security management to ensure availability, accessibility and safety of information can bring serious risks to customers as well as to the organization's performance and competitiveness because improper security management undermines business continuity. This study analyzed the maturity of information security which affects the organizational performance. Through the literature reviews, a research model using the organizational performance as the dependent variable, the risk management process maturity and risk assessment process as independent variables and the information security policy indexes as moderate variables was proposed, and an empirical analysis was made on the basis of survey. The results showed that there was a high causal relationship between information security maturity and organizational performance. However, even if the proportions of information security staff ratio and the information security budget ratio increased, information security maturity did not affect organizational performance. It suggests that information security maturity affects organizational performance, but information security regulations have their limitation as being a catalyst to improve organizational performance.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2019.10a
• /
• pp.470-472
• /
• 2019

Cyber Threat Intelligence (CTI)는 성장하는 사이버 공격에 대응하는 새로운 보안체계 개념으로써 최근 많은 조직에서 보안성을 향상시키기 위해 도입하고 있다. 조직에서 CTI의 도입은 보안 조직간의 위협 정보와 그에 대응할 수 있는 방어 전략을 공유하여 다양한 선제공격을 방어하기 위해 필수적이다. 이에 따라 CTI 위협 정보를 공유하는 조직이 점차 늘어나고 있으며 정보의 양은 점차 많아지고 있다. 하지만 정보를 공유받는 대부분의 조직이 공격자가 악의적으로 잘못된 위협 정보를 수집한 경우 또 다른 사이버 공격으로 이어질 수 있다. 본 논문에서는 CTI 정보 공유에서 사이버 위협 대응 조치 전략을 조직에 적용하기 전에 가상의 네트워크 아키텍처에서 적용시킨 후 평가 및 검증을 통해 공격을 목적으로 한 악의적인 정보가 적용되지 않도록 사전에 방어한다.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 1998.03a
• /
• pp.191-197
• /
• 1998

IMF 체제와 의료시장 개방 체제속에서 경쟁우위와 합리적인 경영환경을 구축하기 위해서는 의료업계에서도 불합리한 구조적 개선과 다변화하는 고객서비스 개선을 위해 병원 조직의 효과성 또는 경영 합리화를 위해 구조조정이 불가피하다. 변화의 대응전략 하나로정보기술(Information Technology)에 의한 HPR(Hospital Process ReEngineering) 방법론을 적용시켜 조직의 리스트럭처링(Restructuring)과 프로세스 리엔지니어링(Process ReEngineering)개선으로 인한 경영환경 변화요인을 분석함으로써 기대되는 학습조직, 유연조직, 가상조직, 네트워크 조직, 인간존중조직의 구성효과와 서비스의 질적 향상, 조직의 재구성, 업무의 재분배,인적자원의 적재적소 배치, 사무환경개선, 업무처리과정이 표준와, 경영환경 개선의 기대효과와 정보기술은 단순한 프로세스의 개선, 효율화가 아니라 새로운 환경에 적합한 최적의 경영도구로 병원의 목적 달성에 간접적이 아닌 직접적인 도움을 주는 성공요인으로 평가하였다.