• The Journal of Society for e-Business Studies
• /
• v.18 no.1
• /
• pp.147-164
• /
• 2013

For the continuous information security governance, we have to focus on not just technical aspects like access control and DRM, but informal level management like information security(IS) behavior, culture, and personal value. But there are few informal level studies, while many formal level studies of IS governance or technical means. This study is an empirical test that how IS culture, normal beliefs, personal behavior and value affect employee's deviant behavior. And we define a lack of an awareness of value and importance on IS regulations in organizations as "Information Security Anomie" with the concept of anomie, a viewpoint on social organization.

• Informatization Policy
• /
• v.20 no.2
• /
• pp.20-38
• /
• 2013

Park, Keun-Hye government has just established a new ministry for integrating and managing the policies for science & technology and ICT. From the ICT governance perspective, the new ministry implies separating promotion policies from regulation polices. The current paper aims to present ICT policy implications by providing a perspective on regulation and promotion. A delphi survey was conducted for 32 experts in ICT sector. According to the experts, a clear distinction between regulation and promotion policies is difficult, and thus, integrating regulation and promotion policies looks more preferable. In general, an independent ministry that integrates regulation and promotion policies is mostly preferred. Some suggested an independent committee inside the ministry might be desirable, especially for the broadcasting regulation policy to be independent from the ministry control. The current study proposes tight collaboration between the newly established ICT ministry and the Korea Communications Commission, and in the long term, integrated administration of promotion and regulation policies. In particular, this study emphasizes the importance of the integrated policy management to enhance government policy capacity.

• Journal of the Korea Convergence Society
• /
• v.10 no.11
• /
• pp.63-70
• /
• 2019

We can implement IT governance in university IT project by applying framework based on CobiT to university information system. In this paper, the organizational planning process is presented as a procedure to use it strategically at the university organizational level. This is the basic plan to be pursued by the university organization and is the first to be implemented in the Univ IT strategy. Organizational plan carry out the process gradually at the organizational level and 11 items of 4 groups are presented. The result of this organizational plan is to lead the strategic process at the university headquarters. In addition, big picture strategy can be established from Univ IT planning, budget, coordination and evaluation, and it can lead to systematic preparation and management for integrated implementation of IT system.

• Communications of the Korean Institute of Information Scientists and Engineers
• /
• v.22 no.11
• /
• pp.13-20
• /
• 2004

• Journal of Korean Society of societal Security
• /
• v.1 no.1
• /
• pp.69-79
• /
• 2008

Operational continuity is not a simple issue that can be solved by a Back-Up center or an alternate site. Strategic issues including law, standards, etc demand a new approach in terms of the operational continuity management (OCM). Also, it is necessary to develop a new framework of OCM governance as a part of the corporate governance. Experts from corporate governance insist that OCM can be included in the corporate operational control and so it is important to set up a strategy for OCM in the organization. This paper describes how OCM governance suggests two aspects of effectively controlling corporate risks in the viewpoint of corporate governance. First of all, the top corporate management develops the strategy of operational continuity with regard to the corporate governance. Secondly, there is the aspect of how to build up and manage the strategy of operational continuity in the corporations.

• Journal of Korea Technology Innovation Society
• /
• v.12 no.2
• /
• pp.335-359
• /
• 2009

This study explores the IT governance structures of the Korean conglomerates. It investigates IT organization structures, decision making frameworks and processes, communication channels, implementation mechanisms, and performance evaluation methods around IT activities of the Korean conglomerates by analyzing four different cases. The results show that all of the conglomerates have an IT service firms as one of their subsidiaries, and all the subsidiaries in the conglomerates outsource their IT divisions to the IT service firms, The client firms in the conglomerates operate IT strategy and planning teams to coordinate their IT activities with their outsourcing partners. The IT governance archetype of the Korean conglomerates is found to be "business monarchy" because the client firms mostly make IT decisions. However, the IT service firms provide the information of IT trends and solutions to their clients, so the IT governance archetype of input framework for IT decisions can be "IT monarchy". In addition, the conglomerate which has the more centralized IT governance architecture appears to prefer the more integrated implementation mechanisms for IT decisions. The results of this study are expected to be used as a benchmarking model for the organizations which try to develop an effective IT governance structure.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.5
• /
• pp.103-114
• /
• 2012

EA, efficient and hierarchical Information Resource Management(IRM) tool of Korean public agencie is one of the core of carrying forward the e-Government initiative. The objective of the paper is to study empirically whether using EA Governance for Controlling EA is related with their EA competency or not. the 190 person in charge of Information System service division are included for analysis. The various hypotheses established are validated by structural equation in SPSS and AMOS 18.0. The results shows that EA management and EA utilization of EA competency level was affected by EA Function, EA Organization and EA Human Resource of exogenous variable EA Governance but EA implementation level was not affected by EA Organization and EA Human Resource. also we investigated that the EA management level of endogenous variable EA competency was affected positively by EA implementation level and the EA utilization level of was affected positively by EA management level by stages.

• The Journal of the Korea Contents Association
• /
• v.5 no.1
• /
• pp.209-215
• /
• 2005

The first wave of e-government projects dating from the early 1990s primarily focused on setting up national and global information infrastructure, internal organizational reform, digital procurement, and the digital delivery of government services to citizens. Most of these e-Government projects have concentrated on the development of systems focusing on strengthening the formal agencies and institutions of government. To date, despite many theoretical and empirical studies on citizen involvement in terms of governance, relatively little attention has been paid to developing e-government systems with a focus on improving citizen involvement, which we call e-governance systems. This paper discusses the characteristics of the e-governance systems, identifies core requirements for its development, and suggests an e-governance system architecture that can satisfy the core requirements.

• The Journal of Society for e-Business Studies
• /
• v.19 no.1
• /
• pp.63-78
• /
• 2014

This paper is to analyze how the information security leadership of top management affects controls of information security. Controls of information security include the activity related to making information security policy, the activity related to making up information security organizational structure and job responsibilities, the activity related to information security awareness and training, the activity related to technical measures installation and operation, and the activity related to emergency response, monitering and auditing. Additionally we will analyze how Internet incidents affect controls of information security and find implications.

• 한국IT서비스학회:학술대회논문집
• /
• 2006.11a
• /
• pp.91-96
• /
• 2006

최근 몇 년 사이 정부 내의 정보화 사업규모는 기하급수적으로 증가하고 있다. 국민의 정부시절 약 2,400억 규모의 정보화 예산이 참여정부에서는 약 9500억으로 증가한 사실이 이를 반증하는 증거이다. 그러나, 이러한 정보화 사업에 대한 투자규모에 비하여, 막대한 예산을 들여 진행되는 사업에 대한 지속적인 성과관리는 체계적으로 진행되지 않은 현실이다. 오히려 성과관리라는 것이 사업의 추진을 방해하는 부정적인 요소로 인식되기도 한다. 하지만, 정보화 사업에 대한 성과관리의 부재는 장기적으로 조직의 전략목표와 정보서비스와의 GAP을 심화시켰고, 결과적으로 막대학 IT 투자 전체에 대한 회의감만을 대두시키는 결과를 가져 왔다. 2006년 IT최대의 화두인 IT거버넌스 개념 역시 IT와 비즈니스의 GAP을 줄여 IT 서비스가 조직의 목표와 전략을 올바르게 지원하도록 IT운영을 하자는 것이 핵심사상이다. 이러한 IT거버넌스 실현의 중심에 IT 투자성과관리체계가 있다. 해양수산부는 IT투자성과관리체계구축을 통하여 정보화사업 전체 프로세스를 지원하며, 각 단계별 이력관리를 통해 매년 사업 담당자가 바뀌는 상황에서도 안정적인 사업의 추진이 가능하도록 하였으며, 각 사업에 대한 평가지표개발 및 평가체계 구축을 통해 사업계획, 시행, 종료 단계에서 과학적인 정보화 사업의 투자성과평가를 지원하는 체계를 마련하였다. 이러한 IT투자성과관리체계는 기 구축된 ITA, ITAMS, IT자산관리체계와 연동하여 해양수산부 IT거버넌스 실현에 이바지 할 것으로 기대된다.