ȸ 濵 ؼ ʼ
α Ưǥ ° ؾ
̹ȸ â ̹ ü ȮѰ Ѵٴ ȸ ȭΰ ǰ ִ. ̸ Ѱ ִ 簡 Ȳ̴. ̹ ֺ 8ȸп CISO(Chief of Information Security Officer: ȴ ̻) ʿ伺 ϰ CISM ڰ ؼ Ұϴ ð ϰڴ. ڴ IT ()Ű åƮ. < >
[ ]
CISM Ұ
CISM 迵: Źͽ
CISM 迵:
CISM 迵: α
CISM 迵: α
CISM 迵:
ISMS(Ȱü)
Ʈ Ȥ ȿ ƮŴ ϴ ̵鿡 α̶ ʿϴٰ ϰڴ. ϱ ȹ üȭ ܰ谡 α ̷ ̴. CISO(Chief of Information Security Officer: ̻)μ CISM ڰ 3° α߷μ, ü ȰŹͽ ϰ ĺϿٸ ̸ ȰϿ üȭϴ ܰ ̴. CISM̶ ⳪ ߿ ߱ ֳ ڵƺ ٶ鼭 ̹ 翡 ſ DZ ٶ.
CISM 3 α
ڵ Ⱦ ϸ鼭 Ȥ ٸ μ α̶ ϰ ȴ. ǻ α, α, ȸ ȸ α α̶ ܾ ʹ 츮 ִ ̴ܾ. ϴ ŭ α ϶ ϸ ʴ. α̶ ϴ ȹ̳ ְڴµ ̸ α Ѵٸ , ȣǾ ϴ ϴ ϱ ؼ ̰ ȹ̳ ȭ ϴ ̶ ϰڴ. üȭ ϴ , ִٸ ̸ ִ̾ ٸ α ̴.
Ʒ ǵ ̳ ȸ 濵 ϱ ؼ ʼ̶ ϱ ȹ αȭǾ Ͽ ñδ 濵 ϰ Ǵ α ̸, ̷ α Ư ǥ ° ո 踦 ؾ ϴ CISM 3 ڶ ϰڴ.
Źͽ Ͽ ǥ ĺϰ(CISM 1 Źͽ), ġ , ҵ , Ͽ 䱸 س(CISM 2 ), 䱸 å, ǥ, Ȱ ȹϰ ȭν(CISM 3 α) ǰ Ǵ ̴.
α 11 Ȱ(Task Statement) ȭ (Knowledge Statement) Ǿ ִ.
CISM
α Ȯϱ α κ ȣ ƾ ұ? CISM Ѵٸ?
̴.
ITڿ (IT management) Ȥ ΰ(Internal auditor) ü質 ϰ ̴.
3 α߰߿ ȿȸ(Security Steering Committee) õϰ ִ. 濵 ̾ ϴ ٽɿ ̴. CISM ȿȸ Ͽμ ؾ ̴.
CISM 迵 3 α ô ݾ ġѴ. ù° ߸ ϴ ̴. ù ߸ ؼ å ħ ϴܱ CISM ؾ ϸ, ̶ ߵ å̳ ħ Գ صǾ õ ְ ȭ ϴ ʿϴ. ƹ α Ű ȴٴ CISM ʹ ˰ ?
ڼ http://www.isaca.or.kr/Ȥ http://www.lyzeum.com/ ãƺ ִ.
ڷ ó
http://www.isaca.org/
http://www.isaca.or.kr/
http://www.lyzeum.com/
Information Security Governance-Guide for BOD and Executives, ITGI, 2004
Information Security Governance, ITGI, 2008
CISM Review Manual, ISACA, 2006~2008
CISM Review Questions/Answer/Explanations Manual, ISACA, 2008
[ ]
-:
-IT ()Ű åƮ
-б п а
-()ѱý ȸ ISACA GRA ȸ
-ѱ CISSP ȸ ISC2 Korea а
-CISM, CGEIT, CISA, COBIT, CISSP, PMP, ITIL, CIA, IT-EAP, ISO 27001 ý
ۡ(CISM, CGEIT, CISA, COBIT, CISSP, PMP, ISO27001, CIA, ý۰) / josephc@chol.com
[ α (reporter21@boannews.com)]