• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 1994.11a
• /
• pp.316-323
• /
• 1994

• Journal of Navigation and Port Research
• /
• v.38 no.3
• /
• pp.317-325
• /
• 2014

The government of South Korea has introduced various security measures in the supply chain, such as CSI (including a 24-hour rule) and AEO (Authorized Economic Operator), in compliance with global security trends and the war on terror. However, many participants in the import and export process are still unfamiliar with the purposes and functions of CSI, the 24-hour rule, and AEO. As such, considering these risks as obstacles or as factors that interfere with the import and export process, this study suggests proper management schemes, which can identify, measure and evaluate these risks.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.14 no.2
• /
• pp.19-25
• /
• 2018

With the development of IT technology, various services such as artificial intelligence and autonomous vehicles are being introduced, and many changes are taking place in our lives. However, if secure security is not provided, it will cause many risks, so the information security becomes more important. In this paper, we analyzed the research trends of main themes of information security over time. In order to conduct the research, 'Information Security' was searched in the Web of Science database. Using the abstracts of theses published from 1991 to 2016, we derived main research topics through topic modeling and time series regression analysis. The topic modeling results showed that the research topics were Information technology, system access, attack, threat, risk management, network type, security management, security awareness, certification level, information protection organization, security policy, access control, personal information, security investment, computing environment, investment cost, system structure, authentication method, user behavior, encryption. The time series regression results indicated that all the topics were hot topics.

• Journal of Digital Convergence
• /
• v.11 no.10
• /
• pp.153-168
• /
• 2013

Information security has been a major concern in organizations. The longstanding question of how to improve employees security behaviors and reduce human errors remains unanswered and requires further exploration in the information security domain. To do this, we propose a risk compensation theory-based model and examine the model. Research results shows that the relationships between information security countermeasures and information security compliance intention of employees are moderated by system vulnerability. However, the finding is contrary to the previously held risk compensation assumption and deserve further study. In addition, system quality does not play a moderator role in the relationship. Conclusions and implications are discussed.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1089-1097
• /
• 2019

An era of smart manufacturing is coming through the rapid development of information and communication technology. As a result, many companies have begun to utilize a variety of hardware and software for the efficient business of the manufacturing process. At this time, the hardware and software used are supplied through manufacturing and distribution processes. These supply processes are exposed to a variety of security threats. As the recent cases of supply chain attacks have increased, foreign countries are establishing supply chain management systems and managing supply chain risks. In Korea, on the other hand, there was research on supply chain risk management in some fields. In this paper, we emphasizes the necessity of supply chain risk management through supply chain attack cases. In addition, we analyze trends of foreign supply chain management system and explains the necessity of domestic supply chain security strategy.

• International Journal of Quality Innovation
• /
• v.7 no.3
• /
• pp.24-45
• /
• 2006

In recent years, the labor consciousness is gradually valued. During the process of pursuing sustainable operation, the enterprises treat occupational hazard risk as the waste of cost. The purpose of OHSAS 18000 occupational security and health management system is to systematically establish the business managerial measures in terms of occupational security and calamity prevention. This research proceeded with questionnaire analysis with respect to the relationship between the OHSAS 18000 system implementation and competitiveness in Taiwan's industries. The research result revealed that there was significant relationship between Taiwan firms' execution of OHSAS 18000 system and industry competitiveness. Thus, the enterprises can decide the proper managerial plans according to the result of their own risk evaluation to prevent the happening of accidents and reduce the operational cost. They can thus completely control business occupational hazard risk through "systematic" management.

• Journal of Korean Society of societal Security
• /
• v.3 no.1
• /
• pp.61-66
• /
• 2010

Recently a construction industry introduces information technology that brings about many advantages in the early planning phase, design phase and construction phase. Nevertheless a BIM has a many benefits, it has limits which are not only usually using 3D modeling but also limit of making full use of practical affairs because of a lack of connecting varietals of progress of work. To solve these uppermost limits, this research is presenting unified systems to use in risk management which are efficient management of space and non-space information, space analysis.

• Journal of Information Technology Services
• /
• v.19 no.6
• /
• pp.119-130
• /
• 2020

This work investigates how domestic or foreign ERP affects the relationship between risks associated ERP implementation and intention to adopt risk-mitigating options. We propose three risks such as ERP vendor risk, economic risk, and security risk should affect positively the intention to adopt the risk-mitigating options. To validate the impact of risks and to examine the difference between domestic and foreign ERP, we collected data from IT managers in small and medium sized logistics companies in South Korea using survey questionnaires. We validate the difference between domestic ERP and foreign ERP using multiple regression analyses. We find that IT managers using domestic ERP are willing to adopt risk-mitigating options for economic and security risk. In contrast, we find that IT managers using foreign ERP are willing to adopt risk-mitigating options for ERP-vendor risk. This work may provide IT managers in logistics industry a practical guideline of choosing either domestic or foreign ERP based on their risk preferences.

• 한국환경농학회:학술대회논문집
• /
• 2009.07a
• /
• pp.3-18
• /
• 2009

It is difficult for consumers to satisfy high safety request with post-management method such as inspection and surveillance, as various changes in-and-out of the country associated with food safety. In terms of food safety problems related to foods, it is crucial to recognize public health and consumer protection and construct pre-preventive Food Control System. A joint committee, FAO/WHO made the following consultations to the National Food Safety System. ${\circ}$ Approach entirely from farm to table ${\circ}$ Get ready for Risk Analysis System ${\circ}$ Secure transparency ${\circ}$ Establish the optimal policy by evaluating the effect of regulation When it comes to summarizing the consultation, it would be accumulated as two key words; "Efficiency" and "Credibility". Whereas the problem of efficiency focuses on precaution rather than post-management, it requires policy option to maximize consumer's benefit by evaluating the cost for the Food Safety Management and its benefit. Also, analyzing risk's character and amount, demanding an optimal means, and introducing scientific analysis system put much value on the stakeholder's communications are procedure's security which can satisfy both "Efficiency" and "Credibility" simultaneously. Especially, it is emphasized here that Risk Assessment need to be separated from Risk Management. This action is a valid means of credibility security throughout improving transparency. A number of nations and organizations have reformed the method of food management passing through reflection and examination of the prior National Food Safety Management since BSE occurred in Britain, 1996. FSA; Food Standard Agency, AFFSA, EFSA, BfR, and FSC are Risk Assessment Organization functionally separated from Risk Management Organization, JECFA, JMCFA, JMPR, JEMRA in Codex charge Risk Assessment internationally. In case of advanced countries excluding several those such as The U.S. and so forth, though these Risk Assessment Organizations are either separated functionally within Risk Management Organization or operated as apart organ, common factors are in which it has independence as Science Base. While securing independence of Risk Assessment Function, it is a tendency Risk Management should be functionally unified into efficiency as well. Though Germany constructs integral Risk Management System of diverse ways according to social and political conditions of each country such as GFOCP, DVFA, SNFA, CFIS and AQIS, there is a key word in the center, "Securing efficiency of Food Safety Management". However our nation has a representative plural；diversified system with The U.S., we took a step forward for unification as empowering policy's generalization；adjustment and Risk Assessment Function by means of enacting the "Food Safety Fundamental Law" in 2008 and establishing the "Food Safety Policy Commission" with private and governmental sectors in the Prime Minister's office. Even though the unification of Risk Management hereby increased, there is the lack of strengthening function of Risk Assessment and securing independence. It needs to be required for the professional committee in Food Safety Policy Commission to develop as a exclusive office of Risk Assessment by separating from a policy decision. Administrative Branches should reinforce feeble functions such as fundamental investigation；research for carrying out Risk Assessment with securing efficiency throughout reassessment of prior Risk Management Means.

• Convergence Security Journal
• /
• v.3 no.3
• /
• pp.81-90
• /
• 2003

Risk analysis and internal control evaluation are key security management activities for securing organizational assets. Risk analysis is used to identify areas that need safeguarding while internal control evaluation is used to check whether the current control system is effective with a reasonable degree of assurance. Risk analysis usually focuses on unauthorised activities of unauthorised people and has not paid much attention to threats that could be committed by authorized users. As attention to fraud increases, these threats should be appropriately treated within organizations. This paper compares the difference between these two approaches.