• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.205-208
• /
• 2021

지능정보사회의 발전에 따라 사이버 공격은 업종과 규모를 가리지 않고 모든 기업을 대상으로 이뤄지고 있다. 이러한 현실을 반영하여 최근 정보통신망법은 모든 정보통신서비스 제공자에게 특정지위의 정보보호 최고책임자(CISO)를 지정하도록 개정되어 시행될 예정이다. 그러나 정보통신망법령은 업종별 정보화 특성을 고려하지 아니하고, 매출액·자산총액 기준으로만 정보보호 최고책임자의 지위를 차등화하고 있으며, 차등화된 지위는 임원·비임원 여부로만 규정되어 있어 현장에서 실효성이 발휘되기 곤란하다는 문제가 있다. 본 논문은 정보보호 거버넌스 관점에서 지위를 차등화하고 업종별 특성과 종업원 수 기준에 따른 정보보호 최고책임자의 법적 지위 요건을 제시하고자 한다.

• The Journal of Information Systems
• /
• v.11 no.2
• /
• pp.27-46
• /
• 2002

The main purpose of this paper is to study on the relation between utilization types of internet and performance at the small and medium firms in Korea. To accomplish the purpose of this paper effectively, first of all, theoretical background of the characteristics of chief executive officer are reviewed briefly. Second, research methodology is discussed with the following topics: (1) variables and operational definitions (2) research model and hypotheses (3) data analysis methods Third, research results are discussed with following topics: (1) characteristics of the sample (2) validity and reliability of variables (3) frequencies of the variables (4) resells of hypotheses tests Finally, this paper is summarized and future research areas are suggested briefly.

• Journal of Information Management
• /
• v.26 no.1
• /
• pp.1-15
• /
• 1995

This study attempted to measure the usefulness and success of technology information management system, by analysing the cases of the enterprises and R&D institutes with respect to information management practices. It also presented an conceptual model for technology information management on the basis of general recognition and views of information managers as well as analysis of Critical Success Factors(CSFs) of technology information management, which may be a guide post for a systematic information management.

• Korean Management Science Review
• /
• v.22 no.1
• /
• pp.103-125
• /
• 2005

Korean government is planning to adopt double entry bookkeeping with accrual basis in the government accounting system. This paper attempts to identify influencing attitudes of information producers toward the acceptance of the new service system. Several models are introduced, including Luder's Contingency Model, Cheng's Politico-Economic Model of Accounting Policy Choice, Roger's Diffusion of innovation, and Davis's Technology Acceptance Model(TAM). A set of constructs are developed as fellows : information producers' knowledges, experiences, altitudes toward the reform, characteristics of cash based accounting system and new accrual based system, a chief executive officer's willingness to support, availability of supporting systems, and social Influences from external environment. This study also incudes hey factors used in TAM, such as perceived usefulness and ease of use. Survey responses are gathered from accounting officers in government ministries and agencies as well as from local governments. Regression analysis shows that, for information producers, both 'perceived ease of use' and 'perceived usefulness' of the new system are the best explanatory variable for the dependent variable. It has also found that 'perceived usefulness' is explained best by individual characteristics such as knowledge and experiences, quality of current cash based s1n91e entry bookkeeping system, chief executive's support, Positive supporting systems and social influences. The useful guidelines for implementing double-entry bookkeeping system with accrual basis are also provided.

• 한국디지털정책학회:학술대회논문집
• /
• 2003.12a
• /
• pp.507-524
• /
• 2003

Many organizations experience that the performance they gained from IT investment is lower than they expected values. As with any investment, executives are concerned with maximizing the performance from their investment in IT. This study focused on the relationship between IT strategy and IT investment to maximize IT performance. A field survey of chief information officer of Korea manufacturing sector was conducted. Complete data for 147 firms was analyzed to determine relationship of the three research constructs. The study shows a positive relationship between IT strategic orientation, IT investment direction, and performance of IT. The research results provide empirical evidence that supports the research hypothesis that closer fit between IT strategies and IT investment directions does lead to increase operational and competitive performance of IT

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2002.06a
• /
• pp.408-416
• /
• 2002

네트워크의 발달과 인터넷의 생활화로 컴퓨터 보안이 시대적인 중요문제로 부각하고 있다. 요즘 해킹으로 발생하는 재정적 손실은 특별하게 큰 사건이 아닌 경우에 언론에 보도되지 않을 정도로 만성적인 현상으로 인식되고 있으며 컴퓨터 범죄는 어느정도 사회현상의 하나로 여겨질 정도다. 그러나 컴퓨터 범죄를 퇴치하고 컴퓨터보안의 완벽성을 유지하고자 하는 기술적인 노력은 지속적으로 전개되고 있으나 컴퓨터 범죄는 오히려 늘어가고 있는 추세다. 이에따라 컴퓨터 범죄등 컴퓨터보안관리가 기술적인 수준에 머물지 않는 성격을 갖추고 있다는 인식이 최근들어 확산하고 있다고 할 수 있다. 이 논문은 이런 인식에서부터 출발해 새로운 개념으로 등장한 전사적 보안관리 (Enterprise Security Planning)와 컴퓨터 보안 위험 관리(Computer Security Risk Management)의 개념에 대한 이해를 중점적으로 제기했다. 또 컴퓨터 보안위험관리의 과정을 단계별로 검토해 컴퓨터 보안위험관리를 체계적으로 이해할수 있도록 제시했다. 마지막으로 본 논문은 전사적 보안관리와 컴퓨터 보안위험 관리차원에서 기업이 보안관리를 위해 갖춰야 할 새로운 흐름들, 예를 들어 보안관리자(Chief Security Officer) 제도와 보안보험 가입등 보안정책을 제시함으로써 컴퓨터범죄로부터 기업이 최대한의 안전성을 확보할 수 있는 경영전략의 틀을 제시했다.

• 정보보호뉴스
• /
• s.136
• /
• pp.30-33
• /
• 2009

본 기고는 기업에서 지난 6년 동안 정보보호 관련업무 실무책임자로서의 경험을 토대로 어떻게 하면 보다 더 효율적이고 안정적인 정보보호활동을 수행할 수 있을까 하는 관점에서 바람직한 CSO의 역할 모델을 정리해 본 글이다. 전혀 보안에 신경을 쓰지 않아도 보안사고가 발생하지 않으면 100점짜리 보안수준이 되는 것이고, 제아무리 보안교육과 점검을 실시하고 취약점을 개선하기 위한 다양한 보안투자를 시행하더라도 보안사고가 터지는 순간, 보안수준은 순식간에 빵점짜리로 전락한다. 때문에 필자는 종종 정보보호 책임자는 안전고리를 벗겨낸 폭탄을 가슴에 품고 언제 터질지 모르는 지뢰밭에 서있는 사람이라고 역설한 바 있다. 최근 급속한 IT기술의 발전과 극심한 개인주의 성향 등으로 그 어느 때보다 보안사고의 위험성과 피해규모가 크게 증대되고 있으며, 이에 따라 기업에서 정보보호 업무 수행부서의 역할과 책임범위 역시 과거와 달리 매우 광범위하게 확장되고 있는 실정이다. 특히 우리나라는 90년대 말 IMF 당시 구조조정의 여파로 중국을 비롯한 해외 경쟁회사로 국내 기술자들이 이직함으로써 핵심 산업기술의 유출이라는 피해를 경험한 바 있다. 그런데 최근 미국에서 시작된 세계경기의 위축으로 또 한 차례의 보안사고 위험성에 크게 노출되어 있는 상황이다. 각 국의 문화 및 산업의 다양성만큼이나 수많은 위험성이 산재하고 있는 현대 사회에서 바람직한 CSO가 되기 위한 몇 가지 착안사항들에 대하여 논해 보고자 한다.

• Journal of Digital Convergence
• /
• v.1 no.1
• /
• pp.165-187
• /
• 2003

Many organizations experience that the performance they gained from IT investment is lower than they expected values. As with any investment, executives are concerned with maximizing the performance from their investment in IT. This study focused on the relationship between IT strategy and IT investment to maximize IT performance. A field survey of chief information officer of Korea manufacturing sector was conducted. Complete data for 147 firms was analyzed to determine relationship of the three research constructs. The study shows a positive relationship between IT strategic orientation, IT investment direction, and performance of IT. The research results provide empirical evidence that supports the research hypothesis that closer fit between IT strategies and IT investment directions does lead to increase operational and competitive performance of IT.

• The Journal of the Korea Contents Association
• /
• v.10 no.5
• /
• pp.80-89
• /
• 2010

u-Health refers to "Always, ubiquitously" prevention against disease, diagnosis, medical treatment service that can receive treatment even if patient does not visit hospital as abbreviated word of ubiquitous and health. U-Health transmits in individual's living body sign and measuring of health information and health information system that is consisted of process of analysis and feedback transmiting and measure individual's living body signal and health information and health proprietary company or medical institution operates. If analyze pattern to information that health information system is transmited, health care officer or chief physician means that offer healthcare and medical treatment service to remote about target customer. Wish to present authoritativeness model for u-Health's inside and outside of the country same native place and u-Health's BMT in this research.

• The Journal of Information Systems
• /
• v.17 no.3
• /
• pp.255-287
• /
• 2008

This study examined the relationship among constructs that impact on strategic use of IS(Information Systems). Independent variables were OIQ(Organizational Intelligence Quotient) and role of CIO(Chief of Information Officer) as a top manager, and dependent variable are strategic use of IS. The dependent variable has three-sub constructs: 1) IT infrastructure flexibility; 2) operation-orientation; and 3) market-orientation. Seven research hypotheses derived from the research model, and were empirically tested using the PLS (Partial Least Squares) method. The research results confirmed that both OIQ and CIO's roles have strong impact on organizations' strategic use of IS. Communication and business network among the sub-constructs of OIQ have effect on strategic use of IS. CIO's role as a top manager was found to be significant. CIO's role as a resource allocator and innovator among the CIO's roles showed significant influence on strategic use of IS. OIQ was also significantly related to CIO's role as a top manager. This study suggests practical implications and insights to the enterprises which aim to apply IT strategically.