본문 바로가기
  • Home

A Study on Selection of Core Services for Deciding ISMS Scope

  • Journal of The Korea Society of Computer and Information
  • Abbr : JKSCI
  • 2017, 22(2), pp.51-57
  • DOI : 10.9708/jksci.2017.22.02.051
  • Publisher : The Korean Society Of Computer And Information
  • Research Area : Engineering > Computer Science
  • Received : December 27, 2016
  • Accepted : January 31, 2017
  • Published : February 28, 2017

Kang Hyunsik 1 Kim Jungduk 1

1중앙대학교

Accredited

ABSTRACT

The first thing to be prioritized is to set the scope of the management system when establishing an information security management system for systematic and effective information security management. It is important to set the scope for an organization’s information security goals due to the scope affects the organization’s overall information security activities. If the scope is set incorrectly, it might become impossible to protect important services and therefore, the scope of the management system should be determined in consideration of the core business services of the organization. We propose a core service selection model based on the organization’s mission-critical service and high risk service in order to determine the effective information security management system scope in this paper. Core service selection criteria include the type of service, contribution to sales, socio-economic impact, and linkage with other services

Citation status

* References for papers published after 2022 are currently being built.