ITŹͽ CobiT4.0
ı ITŹͽ
1ȸ ITųʳͽ CobiT 4.0
2ȸ CobiT 4.0 ȹ ȭ(PO)
3ȸ CobiT 4.0 (AI)
4ȸ CobiT 4.0 (DS)
5ȸ CobiT 4.0 (ME)
6ȸ CobiT 4.0 ǹ Ȱ
ص ο ȸڵǰ ִ. Web2.0 ¶ Ͻ ų ̶ ҽİ Բ SOA, RTE, ž ü ITڵ ִ. ̷ Ҿ ֱ δ IT ٸ, μ λ̴ ϸ Բ ְ ȮϷη Ұǰ ִ ִµ ITŹͽ(IT Governance) ִ.
|
¸ ý
shinsung@goodi.com
IT豸 Ī ҰǾٰ ߾µ, ֱ ITŹͽ Ӱ Ұǰ, IT ITILó ȮǴ 鼭, 츮 ȸ IT濵ι Ǵ ƴѰ ʹ. ̸ ϴ ν ȯ µ װͰ 繵 ٸٴ 帧 츮 ˸ ϰ ʳ ϴ . 츮 . ð, ġ 鿩 ITý۵, Ⱓ ó ؿ IT ĵ, þ , .
̷ ʰ 츮 ֺ ü ִ ȭ̴. ̷ ӵǾ Ŀ ߱ ε, Ŀ(Mechanism) ü DZ 鼭 ٸ ð Ĵٺ ϰ Ǿ, ؿ Ŀ ο Ϸ õ Ͼ 鼭, ϰ ο ı(Boiled frog synd-rome) ɷִ ƴѰ ϴ ɽ ִ Ѵ.
̷ Ӹ ƴ϶ ذ ʰ ذϷ غ ٸ ٺ Ʋ ִٴ ٴٸ, ̷ 帧 , ITŹͽ ڿ ô밡 Ǿ. ̷ ǽ , Űڴٴ ǽ 帧 ITŹͽ ִ.
, ITŹͽ Ǹ 캸. ITŹͽ Ǵ , ڸ ټ ٸ. ۿ ITGI(IT Governance Institute) .
CobiT ӿũ
ǿ Ư ָϰ ϴ ٴ ٷ μ ̴. ITŹͽ ϴ ʿϴٴ μ. ̸ ITGI (alignment), ġ(value delivery), (risk management), ڿ(resource management), (performance measurement) ̶ ټ ITŹͽ ΰ , 34 μ CobiT(Control Objectives for Information and Related Technology)̶ μ ӿũ Ͽ. CobiT ۿ ü 캸 .
CobiT 츮 CISAڰ θ ˷ ISACA(Information Systems Audit and Control Association) 1996 ITμ ̵ ӿũ Ⱓ ̷, 1998 2, 2000 3 Ⱓϸ鼭 ISACA ITGI ְ Ǿ. 2005 11 CobiT 4 ߰Ǿ. Ư, 3ǿ 濵ڸ (Executive Summary), ӿũ(Framework), (Control Objectives), ħ(Management Guidelines), ħ(Audit Guidelines), 뵵 (Implementation Tool Set) 6 ȵ ݸ, 4ǿ Ͽ, ITŹͽ , ٸ ǥ, ITIL(Information Techno-logy Infrastructure Library), CMM (Capability Maturity Model), COSO (Committee of Sponsoring Organiza-tions of the Treadway Commission), PMBOK(Project Management Body of Knowledge), ISF(Information Security Forum), ISO/IEC 17799 Ͽ, ħ ȮŲ ε巯. (DS) νƮ, ũ ITIL ã ִ.
CobiTӿũ
CobiT 34 μ Ͽ.
- ù°, ȹ ȭ(PO: Plan and Organize)
IT 濵 ִ ּ ȹ ϰ, ǻϰ ϸ, ϴ ٷ.
- °, (AI: Acquire and Implement)
IT ϱ ؼ ITַ ϰų ϸ, Ͻ μ սŰ, ý ̳ ϴ ٷ.
- °, (DS: Deliver and Support)
ʿ ϴ , Ӽ , ڿ , ٷ.
- °, (ME: Monitor and Evaluate)
ITμ ǰ ִ ǰ ؼ 鿡 ֱ ؾϴµ, ̸ , , ؼ, Źͽ ٷ.
CobiT Ư
CobiT CobiTӿũ ó μ ̴. ITȰ ȹ ȭ, , , 4 CobiT ϳ μ ϱ Źͽ µ Ѵٰ ִ.
- CobiT ֵ(Measurement-driven)̴.
ð Ȯϰ, ϰ Ͽ ġ ִ ľϸ, ؾ ߰Ͽ Ȱ ϴ ǻ ƴϱ ϴ 찡 . CobiT ħ ȮϿ ⺻ CMMó ټ ܰ μ ϴ Ͽ ġ ش ִ ˷ָ, ٽɸǥǥ(KGI: Key Goal Indicator), ٽɼǥ(KPI: Key Performance Indicator) ߿ Ȱ ˷ָ Ҿ ִ ܵ ش.
- CobiT Ͻ ̴.
CobiT μ ITڳ ITڸ ƴ϶ 濵ڳ ڵ鵵 Ѵٴ μ 濵 ǥ ITǥ ϴ, ITڿ (Application), (Information), (Infrastructure), η(People) Ͽ ش μ ϴ Ÿ, 濵 Ű ؾ ϴ 濵 䱸 Ȥ ̶ Ͽ ȿ, ȿ, м, Ἲ, 뼺, ذż, ŷڼ Ÿ ִ.
- CobiT ̴.
μ Ӽ ϳ ʿ Ѵٴ ̴. , ٶ , , Ͽ ֵ ϴµ ִ. , Ͻ IT, ITϹ , , Է , ó , , ֺ Ѵ. ⺻ μ Ӽ, μ ٸ μ Է DZ ϰ, DZ ϴ ִ. ̷ 4ǿ Ϲ Է¹ ¹(Process Inputs and outputs)̶ ̸ 踦 ־ μ ̾ ۼϰ ǹ Ű Ѱ ϰ ְ ִ. μ ־ Ұ å ǵǾ ϴµ, 4ǿ Ӱ RACI Ʈ ༭ Ұ å(R&R: Role & Responsibility) ϴµ ְ ִ. RACI Responsible (å) R, Accoun-table () A, Consulted() C, Informed(뺸) I ڸ ̴.
ITŹͽ 濵 ̻ȸ å̰, ̰ IT ϰ Ȯϵ ϱ , μ ȴ.
åڳ PDF CobiT
CobiT åڳ PDF ִ 캸. 34 μ 4 迭Ǿ μ ⺻ Ǿ ִ. ù° ̶ ش μ յ 濵ǥ ITǥ ϰ, ° ̶ ش μ ʿ ϰ ִ. ° ħ Ϲ Է¹ ¹, RACIƮ, KPI, KGI ϰ , ° ̶ ش μ 5 ܰ ְ ִ.
ٸ, ⺻ 34 μ ̷ Ǿ ִٰ Ѵٸ, 136 (=34 x 4)̶ Ƿ CobiTåڿ μ ּ 136 ҴǾ ̴. , 34 μ ִ ִ .
̻ ó, ISACA/ITGI IT Ȱ 34 μ ϰ ̸ CobiT ӿũ ǥߴ. CobiT Ͽ Ҽ IT ITȰ غٸ ̷ . IT ġ ִ ľϰ, IT ȭ 캼 ִٸ, CobiT ITŹͽ ϰ Ѵٴ ̶ ̴.
ܹ ѱý۰ȸ(www.isaca.or.kr) ѱCobiT 4.0 Ͽ, CobiT ISACA(www.isaca.org) Ȩ Ͽ. е Ӱ CobiT 4.0 ڷḦ ISACA Ȥ ITGI Ȩ ƿ , е CobiT IT Ȱ غ.
ISACA(www.isaca.org)
̱ ī θ ΰ ִ ý۰ȸ(ISACA: Information System Audit and Control Association) 1969 Ǿ, ITŹͽ, IT, ȿ ־ ۷ι μ ϰ , 140 47,000 ̻ ȸ Ŵ , о CISA Ⱥо CISM ڰݽ ְ 迡 CISA 40,000, CISM 5,200 Ͽ.
|