A Study on Selection of Core Services for Deciding ISMS Scope (정보보호 관리범위 결정을 위한 핵심업무서비스 선정에 관한 연구)

Kang Hyunsik (강현식); Kim Jungduk (김정덕)

doi:10.9708/jksci.2017.22.02.051

A Study on Selection of Core Services for Deciding ISMS Scope

Journal of The Korea Society of Computer and Information
Abbr : JKSCI
2017, 22(2), pp.51-57
DOI : 10.9708/jksci.2017.22.02.051
Publisher : The Korean Society Of Computer And Information
Research Area : Engineering > Computer Science
Received : December 27, 2016
Accepted : January 31, 2017
Published : February 28, 2017

Kang Hyunsik ¹, Kim Jungduk ¹

¹중앙대학교

Accredited

ABSTRACT

The first thing to be prioritized is to set the scope of the management system when establishing an information security management system for systematic and effective information security management. It is important to set the scope for an organization’s information security goals due to the scope affects the organization’s overall information security activities. If the scope is set incorrectly, it might become impossible to protect important services and therefore, the scope of the management system should be determined in consideration of the core business services of the organization. We propose a core service selection model based on the organization’s mission-critical service and high risk service in order to determine the effective information security management system scope in this paper. Core service selection criteria include the type of service, contribution to sales, socio-economic impact, and linkage with other services

KEYWORDS

The Scope of ISMS, Information Security Task, Core services, Mission-critical Service, High risk service

Citation status

* References for papers published after 2023 are currently being built.

[book] KISA / 2016 / A Guide for the Certification of Information Security Management System / KISA

[other] Telecommunications Technology Association / 2012 / A Guide for Establishing the Scope of Information Security Management System / TTAK.KO

[other] / 2013 / ISO/IEC JTC 1/SC 27, “ISO/IEC 27001:2013Information security management systems Requirements” / ISO/IEC

[other] / 2010 / ISO/IEC JTC 1/SC 27, “ISO/IEC 27003:2010Information security management systems implementation guidance” / ISO/IEC

[journal] Ray Bernard / 2007 / Information Lifecycle Security Risk Assessment: A tool for closing security gaps / computers & security 26(1) : 26~30

[journal] J. K. Lee / 2013 / Diagnosis and evaluation of non-core businesses in Public enterprise / Public institution research focus 0(0) : 113~138

[book] Handa junichi / 2004 / Centennial company / New proposal Publishers

[book] J. H. Yang / 2011 / Service, Marketing / INITIAL COMMUNICATIONS Corp

[other] / 2016 / ISO/IEC JTC 1/SC 27, “ISO/IEC 27000:2016Information security management systems:Overview and vocabulary” / ISO/IEC

[book] NIST / 2004 / FIPS PUB 199: Standards for Security Categorization of Federal Information and Information Systems / NIST

[book] Ministry of Science / 2015 / ICT and Future Planning, Guidelines for Designation Criteria for Major IT Infrastructure Facilities / Ministry of Science

[journal] N. H. Kim / 2014 / Criteria for calculating the importance of information security in E-government public service / Internet &security focus 3(0) : 47~59

[journal] 엄재하 / 2016 / Effect of Information Security Incident on Outcome of Investment by Type of Investors: Case of Personal Information Leakage Incident / 정보보호학회논문지 / 한국정보보호학회 26(2) : 463~474

[journal] J. Hue / 2013 / A Study on New Methodology for Designating Core Information Infrastructure / Internet & Security Focus 9(1) : 26~35

[journal] 강민아 / 2007 / An Exploratory Application of the Mixed Methods Research: Application of Surveys and Focus Group Interviews for Regional Public Health Issue Decision Making / 한국행정학보 / 한국행정학회 41(4) : 415~437

[journal] David L. Morgan / 1996 / Focus Groups / Annual Review of Sociology 22(1) : 129~152

[book] Krueger, R. A / 2008 / Focus Groups: A Practical Guide for Applied Research / SAGE Publications

[journal] Derek Cabrera / 2008 / What is the crisis? Defining and prioritizing the world’s most pressing problems / Frontiers in Ecology and the Environment 6(9) : 469~475

[book] Ministry of Knowledge Economy / 2012 / Knowledge Economy Statistics Portal Information Strategy Planning / Ministry of Knowledge Economy

KJCKorea
Journal Central

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

A Study on Selection of Core Services for Deciding ISMS Scope

ABSTRACT

KEYWORDS

Citation status

* References for papers published after 2023 are currently being built.

Journal of The Korea Society of Computer and Information 2023 KCI Impact Factor : 0.65

A Study on Selection of Core Services for Deciding ISMS Scope

ABSTRACT

KEYWORDS

Statistics

Tools

Issue List

Citation status

KCI Citation Counts (0)

REFERENCES (19) * References for papers published after 2023 are currently being built.

Search PDF

Citation

* References for papers published after 2023 are currently being built.