• Journal of Digital Convergence
• /
• v.8 no.4
• /
• pp.97-108
• /
• 2010

Nowadays, information security governance which is an integral part of corporate governance has become an important issue in protecting valuable business information assets. However, there are few organizations which have implemented information security governance because of its abstract concept. The objective of this paper is to develop CSFs for implementing information security governance. Ten CSFs were developed based on the ISO/IEC 27014 Information Security Governance Framework.

• Digital Contents
• /
• no.10 s.161
• /
• pp.46-47
• /
• 2006

한국데이터베이스진흥센터가 주관하는 '2006 데이터베이스 그랜드 컨퍼런스'가 최근 부각되고 있는 데이터 거버넌스를 주제로 지난달 20일 코엑스 인터컨티넨탈 호텔에서 개최됐다. 이번 행사는 기업들이 당면하고 있는 데이터 품질 확보를 위한 해법으로 데이터 거버넌스를 제안, 관련 분야의 해외 전문가들을 초청하여 선진 기술동향을 파악할 수 있는 계기가 됐다는 평가다.

• The KIPS Transactions:PartD
• /
• v.15D no.2
• /
• pp.285-296
• /
• 2008

The purpose of this paper is to examine the IT governance decision structure of the four strategic modes of IT strategy grid, and compare and analyze the differences in the IT governance decision structure of companies that produce superior results and those that produce inferior results. The survey method was used for this paper, and data from a total of 209 companies that were listed on the KOSDAQ 300 and KOSPI 200 were used for the analysis. The results show that each mode has a different IT governance decision structure from the others, and the IT governance decision structure of companies with high results and those with low results are also different for each mode. The results of this paper are significant in that, for each mode, it presents the decision structure framework for promoting desirable behavior of companies carrying out IT governance.

• 한국IT서비스학회:학술대회논문집
• /
• 2006.05a
• /
• pp.535-546
• /
• 2006

최근 기업의 비즈니스 가치 증대를 위해 IT의 전략적 활용과 정보시스템과 비즈니스 프로세스간의 연계와 통합에 대해 중요성이 강조되고 있다. 이에 따라 다양한 IT 서비스와 자신들을 효과적으로 관리하기 위한 IT 거버넌스 개념 재정립의 필요한 시점이나, 학계와 산업계의 높은 관심에 비해 국내 기업의 실증적인 사례연구가 부족한 실정이다. 본 연구에서는 사례 연구를 통해 IT 거버넌스와 관련하여 현재 기업에서 수행 중인 의사결정 체계와 활동, 유형 및 결정 요인 등을 살펴봄으로써 IT 거버넌스 구축의 현주소 및 향후 활성화 요인을 제시하고자 한다. 비교 분석을 위해, 동일 산업군에서 매출액 규모가 유사하고 IT 투자율이 높은 국내 대기업 2개 업체를 선정하였으며, Structure, Process, Relational Mechanism 관점에서 관련업체의 IT 부서 주요 관계자들과의 인터뷰와 여러 내부 자료들을 활용하여 심층적인 사례 분석을 수행하였다. 'A'사와 'B'사의 IT 거버넌스 사례 분석을 통해 의사결정 메커니즘과 요인을 파악하고 이를 바탕으로 보편적인 적용이 가능한 의사결정 영역별 특성 및 구성요소를 구체적으로 제시함으로써, 향후 기업의 환경에 맞는 IT 거버넌스 체계 구축 및 Reference로서 활용을 기대한다.

• Convergence Security Journal
• /
• v.17 no.1
• /
• pp.39-44
• /
• 2017

The existing enterprise information security activities were centered on the information security organization, and the top management considers information security and enterprise management to be separate. However, various kinds of security incidents are constantly occurring. In order to cope with such incidents, it is necessary to protect information in terms of business management, not just information security organization. In this study, we examine the existing corporate governance and IT governance, and present an information security governance model that can reflect the business goals of the enterprise and the goals of the management. The information security governance model proposed in this paper induces the participation of top management from the planning stage and establishes information security goals. We can strengthen information security activities by establishing an information security plan, establishing and operating an information security system, and reporting the results to top management through compliance audit, vulnerability analysis and risk management.

• Knowledge Management Research
• /
• v.24 no.3
• /
• pp.53-71
• /
• 2023

Environmental, Social, and Governance (ESG) refers to factors that are important for assessing a firm's social and environmental effect, as well as its governance standards. This paper investigates the relationship between ESG-based corporate governance and SDGs strategy implementation by discussing about incorporating ESG issues into corporate operations. It digs into the advantages and disadvantages of aligning corporate governance with the SDGs, demonstrating the potential for delivering long-term value for both firms and society as a whole. In this paper, we investigate ESG-Based Knowledge Management (ESG-KM), a knowledge management system that incorporates sustainability principles. More specifically, the paper investigates how the synergy between ESG-KM and ESG-Based Corporate Governance (ESG-CG) might influence firms' long-term value creation, stakeholder involvement, and sustainable decision-making. Finally, this paper investigates how public organizations might use knowledge management to improve the implementation and effect of ESG-CG principles, resulting in better sustainable outcomes. Public enterprises may support responsible decision-making, increase stakeholder involvement, and achieve long-term performance by linking ESG principles with corporate governance standards. The paper then explores how ESG-KM might help public firms integrate these concepts into their governance structures. The scientific novelty of this paper resides in its thorough investigation, realistic implementation methodologies, and novel combination of ESG principles, corporate governance, and knowledge management. Furthermore, by providing actionable insights and emphasizing the application of these concepts in the context of public enterprises, the paper makes a valuable contribution to the field of management, propelling the discourse on responsible and sustainable business practices in both the private and public sectors.

• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.5
• /
• pp.110-119
• /
• 2007

In an extended enterprise, there is a shift to shared services, cosourcing and outsourcing, and extending out to partners, suppliers, and customers to accomplish business objectives more effectively. Along with this critical need, executives should be aware of the need to focus on optimizing the value of their information technology and reducing the related risks. So IT governance is critical, and many companies including spin-off venture are providing IT governance solution, but very little is known about brand management and marketing strategy of IT governance solution provider. The purpose of this study is to investigate brand positioning of IT governance solution company focusing on spin-off venture. The results of this study are summarized as follows. First, brand management is needed in the spin-off venture. second, IT governance solution companies including spin-off venture must provide something more than functional value. That is, they actively seek to emotional or symbolic value for their customers.

• Convergence Security Journal
• /
• v.10 no.4
• /
• pp.13-19
• /
• 2010

The flow of time, depending on the company's ongoing business link to guarantee the proportion of much greater importance, it in the organization as part of an enterprise-wide level, rather than acting on the information society has been considered as the topic of race. Information Security Governance, the integrity of the information, service continuity, the three kinds of information asset protection purpose begins. It is essential for corporate governance, transparency should be part, must be aligned with the IT framework. Existing information security governance framework that small businesses a wide range of governance issues and interests have never had. Therefore, we simplified the information security governance framework is proposed, and solve problems, and propose a framework for analysis of the safety and efficiency through the analysis of the effectiveness of the proposed method were discussed.

• Convergence Security Journal
• /
• v.20 no.3
• /
• pp.39-46
• /
• 2020

In order to protect the business information of the enterprise, the company is engaged in various information security activities, such as establishing an information security management system, establishing and operating an information security system, checking vulnerabilities and security controls. It is an enterprise information security governance that organizes various information security activities for enterprise business, and it needs to be systematized to operate them effectively. In this study, to systematize the enterprise information security governance, we would like to explore the existing Enterprise Information Portal(EIP) model and propose an Enterprise Information Security Portal(EISP) model based on it. The Enterprise Information Security Portal(EISP) model provides an integrated environment for supporting the activities of the information security departments by systemizing the enterprise information security governance, which is a variety of information security activities of the enterprises, so that the information security activities of the enterprises can participate directly from CEO to executives and employees, not just from the information security departments.

• Journal of Internet Computing and Services
• /
• v.16 no.4
• /
• pp.111-120
• /
• 2015

Internet has changed global information society in many ways. Among others, combination of internet's technological characteristics and internet ecosystem has altered global information governance. This paper argues that internet governance is rooted in the multistakeholder model in which diversified actors including government, private sector, and civil society are connected closely. Players have increased a lot in the global information governance. In particular, civil society have more involved in the decision making process. In the international politics arena, power shift from intergovernmental organizations to civil international organizations has increased. ICANN and IGF(Internet Governance Forum) have played critical roles in internet governance. Internet governance shows new phenomena of global information governance.