[ͺ] ̿ ̻
[ȴ ] 츮 ȸ Źͽ(Governance) ǥ ϻ ϸ, ϰ ִ. Źͽ ü Źͽ, IT Źͽ Ȯϱ ̸ ̾ IT Źͽ Եƴ ȣ ϳ Źͽα Ȯ ϱ ̸. 츮 ȸ 10 εDZ ȣ Źͽ ذ ̴. ȣ Źͽ ؾ߰ڴٴ 츮 ȸ ν ̴. ̴ 츮 ȸ ȣ νĺ ܸ ִ ϰڴ. ̿ ITá ̿ ϰ ִ ̻縦 ֽ ִ ȣ Źͽ ô.
- 켱 Źͽ ŹѴ.
츮 ֱ Źͽ ϰ ȴ. ؼ Źͽ ȯ, Źͽ ô ǥ ټ ϰ ȴ. Źͽ? ǹ̷, ش о ϱ ġ ϴ ü踦 ǹѴ. ٷ ̸ õ ڵ ظ ϰ ȸ ǻ縦 ϴ Źͽ, ǥ ϰ 롤ϴ μ Ÿ IT Źͽ ϰ з ִ.
Ư ֱٿ Źͽ ڡƮITȣ IT μ ϴ ȣ Źͽ νϴ ñ ̸ ƴ. 츮 ȣ Źͽ ָؾ ϴ ִ.
- ȣ Źͽ ָؾ ϴ ΰ?
ֱ Ÿ ִ ܼ 缭 ν ϴ δ Ѱ谡 ִٴ ְ ִ. ̴ IT Źͽ 鿡 ȣ ȴڵ鸸 å, ϴ Ѱ谡 ִٴ Ѵ.
ְ ̻ȸ ̻ȸ 븮 CEO 濵, ش μ ֹشܿ ̸ 濵 ü ģ ȹ ʿ ̴.
ڻ ô뿡 ٶ ȣ и ٶ ִٴ 츮 ȸ ߴ. ȣ Źͽ ߿ϸ, ̿ ָؾ ϴ ̴.
- ٸ ȣ Źͽ ߱ ؼ?
ISACA ȣ Źͽ (domain) (Strategic Alignment) Ⱑġ (Value Delivery) (Risk Management) ڿ (Resource Management) ⼺ (Performance Measurement) (Integration) ̻ 6 ϰ ִ.
츮 IT Źͽ ǥ ISO/IEC 38500 ȣ Źͽ IT Źͽ Ͽ ѹα IT ȣ ø ҷ ȴ. ISACA ڽְ Ұϴ ȣ Ͻ (BMIS) ָ ̴.
BMIS(Business Model for Information Security) 4 (Elements) 6 (Interconnections) Ѵ( ǥ ).
- ռ BMIS ?
켱 4 ù ° Organization Design and Strategy ҷ Ǿ , ڿڻꡤμ 踦 ΰ ִ. ü ϱ Process, Culture, Architecture ̷ ߿ Ѵ. Ư ȣ ϱ ȵǾ Ѵ.
People ؾ ȣ ڿ ߿ ؼ ϴ ä, ġ νı, ȣ ȣ ؾ Ѵ.
Process 6 Ű ϸ, ̴ policy strategy ž Ѵ. ƿ 䱸 ؾ Ѵ.
Technology μ ȿ ϱ ʿϸ, ڵȭ ø̼ǡ Ѵ. ̴ ȭ ŷڼ ڿ ¿ȴ.
6 Governing ư ϸ, Źͽ 6 ǰ ִ° Ѵ.
Culture ȣ ϴ ൿ̳ ŷ, µ ϴµ, 鵵 ߿õ ִ.
Enabling and support 4 ϳ Ҹ μ ҿ Ű ϸ, ҿ μ Ұ ȣ Ȱ ִ.
Emergence ڿ μ Կ ־ ϰ Ǵ Ⱑ Ǵµ, ǵ顤 ̴.
Human factor ҿ ڿ ̿ ȣۿϴµ, BMIS Ű ߿ ȴ.
Architecture ڿ, μ, å, ϳ ȣ ǹ ϰ ִµ, IT Űó 迡 ִĿ ȿ Ѵ.
[ (boan3@boannews.com)]