• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.11 no.2
• /
• pp.703-708
• /
• 2010

Various information sources and the increasing vulnerabilities of information systems could increase the risks of a business. The successful management of business risks depends on appropriate level of risks in business. Business risk management would be conducted in terms of financial risk management and information security management. The financial management and the information security management could not achieve an integrated business risk management. For developing the integrated business risk management, this study analyzes the various information security management systems such as ISMS, EA, ISO27001, COBIT, SPICE, Auditing. This study analyzes information security systems, which could be utilized in developing business risk management.

• Journal of the Korean Professional Engineers Association
• /
• v.34 no.4
• /
• pp.62-64
• /
• 2001

As of July 1. 2001, the Law of Information 8t Telecommunication Protection has been compulsory to audit protection status on national information and Telecommunications Infra facilities such as communication, electricity, waterworks, airport, railway, primary facilities of government and the first financial circles. In U.S. institutions, organizations and corporations in each field are trying to prepare for Safe Har-bor agreed on Internet privacy regulation between U.S. and Europe to be effective in 2003. The Safe Harbor was motl-vated by strict European standard. Other countries make privacy and information protection law according to their own interest. Therefore Korean technical experts have to develop the law responding to national interest and public welfare. Besides scientific Held, experts in the field of politic, economy and academy also have to work hard to develop the law.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.233-245
• /
• 2010

This paper proposes security architecture, security audit framework, and audit check item. These are based on the security requirement that has been researched in the information system audit. The proposed information security architecture is built in a way that it could defend a cyber attack. According to its life cycle, it considers a security service and security control that is required by the information system. It is mapped in a way that it can control the security technology and security environment. As a result, an audit framework of the information system is presented based on the security requirement and security architecture. The standard checkpoints of security audit are of the highest level. It was applied to the system introduction for the next generation of D stock and D life insurance company. Also, it was applied to the human resources information system of K institution and was verified. Before applying to institutions, system developers and administrators were educated about their awareness about security so that they can follow guidelines of a developer security. As a result, the systemic security problems were decreased by more than eighty percent.

• Electric Engineers Magazine
• /
• s.346
• /
• pp.24-29
• /
• 2011

피뢰설비 수뢰부시스템의 설치 위치는 보호각법, 메시법과 회전구체법 등의 방법에 따른다. 이 가운데 회전구체법이 피뢰설비에서 중요한 요소다. 따라서 적절한 피뢰설비의 계획 설계를 위해서는 회전구체법에 대한 이해가 필수다. 본고에서는 이를 위해 회전구체법의 변천과정과 기초이론을 소개하고, IEC규격에 기술되어 있는 회전구체법의 내용과 적용방법과 사례를 통해 설계 시공 감리 현장 실무자들이 회전구체법을 올바르게 이용할 수 있도록 관련정보를 제공하는데 목적이 있다.

• Electric Engineers Magazine
• /
• s.345
• /
• pp.18-23
• /
• 2011

피뢰설비 수뢰부시스템의 설치 위치는 보호각법 메시법과 회전구체법 등의 방법에 따른다. 이 가운데 회전구체법이 피뢰설비에서 중요한 요소다. 따라서 적절한 피뢰설비의 계획 설계를 위해서는 회전구체법에 대한 이해가 본고에서는 이를 위해 회전구체법의 변천과정과 기초이론을 소개하고 IEC규격에 기술되어 있는 회전구체법의 내용과 적용방법과 사례를 통해 설계 시공 감리 현장 실무자들이 회전구체법을 올바르게 이용할 수 있도록 관련정보를 제공하는데 목적이 있다.

• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.17-33
• /
• 2002

The major goal of this study is to develop an index that can evaluate the quality of the appropriate network in a series of projections that analyze, design, and then build a network. The existing software engineering and/or the methods of developing a system are limited. The process of defining the requirements in building a network, designing the system, and building the network focuses on arranging the methods of building a network. Based upon this, we tried to develop a necessary index to evaluate the security of a network.