• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.5
• /
• pp.179-186
• /
• 2019

Information system audit, which provides effective diagnosis and inspection of IT governance, is applied to all aspects from planning to development and operation. However, there is a difficulty in carrying out the audit because the system for the specialized university IT project is not developed. Therefore, it is necessary to set the internal system as the audit-based application framework in order to apply it to university IT governance. In this paper, we propose a audit-based application framework of university information system developed for university. The framework has a difference from the existing audit system. By using this framework, it is possible to present a standard for the university IT project and easily approach and use it in the field. And it can be used for direct audit through this framework in the level of the auditor as well as the HQ admin. The framework categorizes the audit into three major dimensions and suggests a method that can be applied to the university information system audit through the UAFP(University Audit Framework Process) and quality assurance.

• It's Smart Media
• /
• v.1 no.2
• /
• pp.63-87
• /
• 2012

• The Monthly Technology and Standards
• /
• s.90
• /
• pp.39-39
• /
• 2009

• Economic and Environmental Geology
• /
• v.54 no.1
• /
• pp.127-136
• /
• 2021

This study was carried out to understand China's earthquake governance and role-sharing, and to strategically use it for research cooperation in related fields with China. The characteristics of China's national earthquake governance and role-sharing are detailed in this study. First, unlike Korea, China's geoscience and earthquake research fields are separate, and are clearly distinguished from other fields of science and technology. They hold a higher status compared to other fields in China. Second, China's provincial earthquake agencies simultaneously carry out related tasks under the dual supervisory management system of the central and provincial governments. Third, the China Earthquake Administration (CEA) has the authority to do research and development, manpower training, and degree conferment, which are centered on directly affiliated institutions. Fourth, China carries out similar functions in directly affiliated institutions of the CEA and the China Geological Survey (CGS), and affiliated institutions of the Chinese Academy of Sciences (CAS), respectively. Fifth, the CEA is continuously expanding the seismic observation network that connects the vast land of the country. Sixth, China is considered to have detailed structures of earthquake-related laws and regulations. Given China's earthquake governance and role-sharing, it is considered that the possibility of success in research cooperation is high if Korea first determines whether it is under the jurisdiction of the CGS, CEA, and CAS, depending on the specific field.

• Journal of the Korean Institute of Landscape Architecture
• /
• v.47 no.4
• /
• pp.50-60
• /
• 2019

In the late 1980s, a financial crisis and Compulsory Competitive Tendering (CCT) in green space services brought with it a profound impact on the quality of parks in the UK. Such government projects, e.g. Urban Task Force (1999) and Public Parks Assessment (2001), aimed to raise the awareness of the severity of the declining standards of urban parks. Since the late 1990s, the UK governments (The New Labour (1997-2010) and The Conservative Government (2010-2019)), have often adopted community-led governance schemes to enhance the quality of parks and address problems derived from the financial crisis. Accordingly, community groups, notably 'Friends of', enlarged their involvement in the decision-making process of park management. However, there is little empirical evidence concerning the impact of community-led governance on park management, in particular, the effect on the users' perceptions of park use. This study explored the context of community-led park management to reclassify the level of build-up of governance underlined by 'A Ladder of Citizen Participation'. In addition, questionnaire surveys were conducted around two Sheffield district parks, which are located in deprived areas. As a result, community involvement in the status quo of UK urban park management has changed its form of governance based on the extent of involvement in the decision-making process. The forms of governance could be categorised in three levels: general, active, and predominant governance, where the extents of decision-making and sharing responsibility vary. The results obtained through the questionnaires show that one park (active governance), which has a stronger tendency of sharing responsibility to get involved in park management, had better contribution to park management and positive impacts on users' satisfaction than the other park (general governance). The findings highlight that stronger governance in partnerships with the non-public sectors can shed light on current and future park management through a shift in sharing responsibility for park management.

• Journal of Digital Contents Society
• /
• v.8 no.4
• /
• pp.509-519
• /
• 2007

For Knowledge Information Governance, integration search mechanism of Knowledge Information is required in various industries. But when Knowledge Information system constructs in each professional field, it developed and used its own metadata format. Accordingly, if distributed information system searches using metadata, heterogeneous problems are occurred among metadata. For integration search, it needs a consistency management of metadata. Therefore, this paper defines a standard metadata that represent standard metadata as surveying a used metadata in each field systems. Also, we propose a metadata registry integration framework for Knowledge Information Governance. It enables an integration search service without a metadata modification of existing system. Through the proposed framework, it can registries and manages efficiently the existing metadata. Also, it enables a semantically extended search using semantic relation between metadata.

• Information and Communications Magazine
• /
• v.31 no.5
• /
• pp.39-45
• /
• 2014

기업활동에서 IT에 대한 의존도가 증가함에 따라 기업들은 다양한 소프트웨어 및 하드웨어 플랫폼에서 제공되는 서비스들을 운영하고 있다. 서비스들이 보급, 확대되는 과정에서 새로운 보안 취약점들이 나타나고, 이들 취약점을 악용한 기업정보의 유출 및 해킹 등 보안사고의 발생도 비례하여 증가하고 있다[1]. 특히 다양한 유형의 사업을 운영하는 지주회사 또는 대기업 그룹사의 경우, 사업영역별로 운영 중인 IT 인프라의 보안 취약점이 네트워크로 연결된 타 사업용 IT 인프라에 대한 사이버 침해의 통로로 악용될 가능성이 있다. 이 같은 문제의 해결을 위해 기업들은 사업영역 별로 보유한 IT 인프라의 보안 취약점 진단과 대응을 위한 솔루션들을 도입, 운영해 오고 있다. 하지만 기업의 보안 거버넌스 관점에서 보안 취약점 관리도 전사적인 보안 정책과의 연계 강화, 투자 중복의 방지, 효과적인 관리와 통제에 대한 필요성이 대두되기 시작했다. 보안 거버넌스 체계 강화에 대한 기업의 요구변화에 맞춰 보안 취약점의 통합관리를 지원하는 상용 솔루션들이 일부 출시되고 있으나 기업들이 기 운영하고 있는 개별 취약점 진단 솔루션과의 연동, 로그관리 및 기업이 요구하는 특화된 기능 구현 등의 어려움이 도입에 장애가 되고 있다. 따라서, 대기업을 중심으로 개별 보안 취약점 진단 솔루션들을 연동하여 기업보안 거버넌스를 효과적으로 지원할 수 있도록 취약점 관리업무 프로세스의 재설계와 함께 취약점 진단 통합관리 체계를 구축하고 있다[2][3][4]. 본고는 보안 취약점 관리업무의 문제점을 소개하고, 최근 대 기업을 중심으로 활발히 구축이 추진되고 있는 웹 기반의 취약 점 진단 통합관리 체계의 개념, 기능 및 운영 프로세스를 소개한다. 아울러, 기업 IT 인프라에 대한 보안 취약점 진단 데이터를 축적하여 기업 내부의 보안위험 요소를 사전예측하고, 정보보호의 투자 대비 효과(ROSI: Security Return on Investment)를 효과적으로 산정하는 인프라로서 활용 가치를 소개한다.

• Korean Security Journal
• /
• no.55
• /
• pp.97-116
• /
• 2018

Due to the rapid developments of South Korea, local communities have faced various social pathologies which generated more violent crimes and criminalized younger students. Several horrendous violences, such as a Kangneung Girl assassination assault case in July 2017 and a Busan Girls assault case in September 2017, happened only between young students. This ignited a public uproar and people were more interested in related national policies and voiced for stronger penalties in ways that punish student offenders and abolish the juvenile law. In this respect, various effective policies are needed to prevent the school violence and to eliminate the students' fear of crime. These are expected to create an environment where students could enthusiastically study in a safe environment. Focusing on elementary school students, this study seeks to empirically analyse the effects of their perception of local crime control governance on their fear of crime and, subsequently, to suggest policy implications which could prevent future school violence and juvenile crimes and reduce the students' fear of crime. The results of this study are as follows: First, the analysis of the general fear of local crime control governance and the fear of crime showed that elementary school students' trust in police officers had a significant effect on the general fear. Second, the analysis of the local fear of crime control governance and the fear of crime highlighted that their trust in the police, social ties, intimacy between the police and residents had a significant effect on the specific fear. Therefore, this study is applicable in reality in that it can contribute to the prevention of school violence and reduction of fear of crime by constructing local crime control governance.

• Journal of Digital Convergence
• /
• v.12 no.3
• /
• pp.7-16
• /
• 2014

This study aims to analyze the key logic of the current C-P-N-D ICT ecological system, to find out the shortcomings of the current system, and then to offer policy suggestions for the establishment of a new creative contents industry ecological system; that is, ICCT (Information, Communication, Contents and Technology) System.

• Journal of Information Technology and Architecture
• /
• v.10 no.4
• /
• pp.451-466
• /
• 2013

기업들은 정보기술 리스크(IT Risk)에 대하여 어떻게 대처하고 있을까? 금융기관이나 공공기관은 태생적으로 이미 위험관리를 적극적으로 수행하고 있다. 정보기술에 대한 위험관리도 지난 10년동안 전산망 마비, 해킹 사고, 디도스 공격, 고객정보 유출 등을 겪으면서 적극적으로 대응해 왔다. 특히 2011년 농협사태는 IT 성과보다는 IT 보안을 훨씬 중요하게 보는 계기가 되었다. IT 보안 인력과 예산이 대폭 강화되고 망분리 사업이 추진되는 것이 대표적인 사례이다. 하지만 그동안 IT 위험관리는 특정 기술에 대한 사전 대응 및 사후 대응 강화에 집중되었다. 현재 IT 위험관리는 단편적 관리에서 종합적 관리로 전환되고 있다. 최근에 많은 기업들이 전사 차원의 정보기술 리스크 거버넌스(IT Risk Governance) 체계를 구축하고 있거나 구축하는 계획을 갖고 있다. 하지만 아직도 IT보안은 전사적으로 통합되지 못하였으며, IT 위험관리 프로세스는 조직에 내재화 되지 못 하였고, IT 성과관리와 연계성은 고려하지 못하고 있다. 본 논문에서는 IT 관리와 기술을 효과적으로 연계하기 위하여, 그리고 IT 성과와 IT 위험을 균형되게 관리하기 위하여 엔터프라이즈아키텍처(EA: Enterprise Architecture) 활용을 제안하고자 한다.