̹ȸ â ̹ ü ȮѰ Ѵٴ ȸ ȭΰ ǰ ִ. ̸ Ѱ ִ 簡 Ȳ̴. ̹ ֺ 8ȸп CISO(Chief of Information Security Officer: ȴ ̻) ʿ伺 ϰ CISM ڰ ؼ Ұϴ ð ϰڴ. ڴ IT ()Ű åƮ. < >
[ ]
CISM Ұ
CISM 迵: Źͽ
CISM 迵:
CISM 迵: α
CISM 迵: α
CISM 迵:
ISMS(Ȱü)
óϰڴٴ ڼ ʴ!
츮 鼭 ȮǼ Ǿ ִ. · ȮǼ ϰ Ѵ. ȿ 踸δ ذ CISM 迵 Խ Ҵ. CISM (incident) ڻ, , ظ ߽Ű Ѵ.
CISO(Chief of Information Security Officer: ̻)μ CISM ڰ 5° ( ) μ, CISM μ Ȥ и ĺ, м, , ϱ ̴. CISM̶ ſ ġ ʾҴ (incident) ִ. 츮 ƴϴ. 츮 ƴ϶ ? سٸ ִ. ſ Ǿ Ѵ.
CISM 5
Ȼ ٸ ̸ ִ ƴϴ. ̸ ٰ ؼ ġ ϰڴٰ ϴ Ȱڷμ CISM ڼ ƴ ̴. Ƿ Ȼ ż Žϰ װ ĺϰ мؼ ϴ μ ϰ غ ξ Ѵ. ð ° ߰ ƹ å Ͽ ⺸ٴ ȿȿ̹Ƿ ϴ ̴. ݱ ؿ ȰŹͽ(CISM 1) (CISM 2), α(CISM 3), α(CISM 4) Ȼ ѹ Ƿ ؾ ̴.
Ȼ (CERT: Computer Emergency Response Team) ƷýŰ ǻ Ȥ ü غ ͵ . ٵ Ȼ ȰŹͽ κ ȴ. ̳ Ӽ ϱ Ӽ(BCP: Business Continuity Plan) 糭ȹ(DRP: Disaster Recovery Plan) Բ յǾ Ѵ.
ᱹ Ȼ ̳ ϴ Ǿ װ ϴµ ʿ ̷ ϰ Ǵ ̴. Ʒ BCP Ŀٶ Ÿ ȿ ´ ȹ ϳ̸, ÿ ٸ ͵ յǾ Ѵ.
BCP ȹ
10 Ȱ(Task Statement) ȭ (Knowledge Statement) Ǿ ִ.
CISM
Ӽȹ α ؾ ϱ? CISM Ѵٸ?
̴.
óü ϱ 롱 Ȥ üƮ(2 Ʈ: alternative site) ҿ ꡱ ü ̴.
5 ý ߴܵǾ (daily) ꡱ ̶ õϰ ִ. ̳ ֿȰ ýۿ ϰ Ƿ ý غ ȴ. Ӽ ý Ӽ ؾ Ѵٴ ̴.
CISM 迵 5 Ȼ ĺϰ Žϴ Ϸ Ȱ ᱹ ÿ Ͽ ̰ Ӽ, ߴ Ȱ ϱ ̸, Ӽ Ȼ ġ ɸ Ǵ ϱ ̴. ϴ (response) ᱹ (prevention)̶ ǹ̷ ؼȴ. ¡ ߴ. ˰ ˸ ο · ʴٴ ̴. Ȼ غϰ Ʒϰ ÿ Ǿ ϴ Ͽ 츮 · ̸ CISM ˰ ̴.
CISM 迵 5 ܰ躰 Ҵ. ڵ CISM ϰ ư ٸ ϴµ DZ ٶ, The buck stops here.( ٷ ־) Ʈ ó CISM ڱ ȭϰ Ŵ ڵ ?
ڼ http://www.isaca.or.kr/Ȥ http://www.lyzeum.com/ ãƺ ִ.
ڷ ó
http://www.isaca.org/
http://www.isaca.or.kr/
http://www.lyzeum.com/
Information Security Governance-Guide for BOD and Executives, ITGI, 2004
Information Security Governance, ITGI, 2008
CISM Review Manual, ISACA, 2006~2008
CISM Review Questions/Answer/Explanations Manual, ISACA, 2008
[ ]
-:
-IT ()Ű åƮ
-б п а
-()ѱý ȸ ISACA GRA
-ѱ CISSP ȸ ISC2 Korea а
-CISM, CGEIT, CISA, COBIT, CISSP, PMP, ITIL, CIA, IT-EAP, ISO 27001 ý
-IT縦 Ȯϰ Ͻ ϴ о߰ ɺо̸ ̿ ؼ Ȱ п ϰ ִ.
ۡ(CISM, CGEIT, CISA, COBIT, CISSP, PMP, ISO27001, CIA, ý۰) / mailto:josephc@chol.com
[ α (reporter21@boannews.com)]
<۱: ȴ(http://www.boannews.com/) ->