JOURNAL BROWSE
Search
Advanced SearchSearch Tips
Improvement of the Certification Model for Enhancing Information Security Management Efficiency for the Financial Sector
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Improvement of the Certification Model for Enhancing Information Security Management Efficiency for the Financial Sector
Oh, Eun; Kim, Tae-Sung; Cho, Tae-Hee;
  PDF(new window)
 Abstract
Considering the results of the 3.20 Cyber Attack, leaks of personal information by card companies, and so on, convenience and efficiency cannot be guaranteed without security as a prerequisite. In addition, it is more likely that customers` interests seem to be interfered with in financial institutions than in any other industry. Therefore, when a security accident occurs, users may suffer mental damage and monetary loss, leading to class action, customer defection, loss of reputation, and falloff in international credibility, which all may have a significant effect on the business continuity of corporations. This study integrates the representative information security certification systems in order to improve the efficiency of information security management and demonstrate the necessity of information security management system certification for the financial sector. If the certification is needed, we would like to recommend the desirable development direction.
 Keywords
Information Security Management System;Financial Information Security;Finanacial Information Security Management System;
 Language
Korean
 Cited by
 References
1.
DigitalDaily, "'PIMS, PIPL', integration of the similar personal information security certifications," 2015.11.15.

2.
Eun-yeop Park, Jin-won Choi, and Tae-hee Cho, "A case study on building personal information management System Certification," Review of The Korea Institute of information Security & Cryptology, 21(5), pp. 27-36, Aug. 2011.

3.
F. Gregory Hayden and Kurt Stephenson, "Overlap of organizations: corporate transorganization and Veblen's thesis on higher education," Journal of Economic Issues, 24(1), pp. 53-85, Mar. 1992.

4.
Hyeon-seon Kang, "An analysis of information security management system and certification standard for information security," Journal of Security Engineering, 11(6), pp. 455-468, Dec. 2014. crossref(new window)

5.
ISO/IEC27001, Information technology-Security techniques-Information security management systems-Requirements, 2005.

6.
ISO/IEC TR 27015, Information technology-Security techniques-Information security management guidelines for financial services, 2012.

7.
Jung-duk Kim, "Standardization of information security management," Review of KIISC, 21(2), pp. 19-22, Apr. 2011.

8.
Jeong-hae Kim, "A study on the reform of the overlapping regulation in the industrial safety sector," Korean Society and Public Administration, 15(1), pp. 211-233, May. 2004.

9.
Korea Internet and Security Agency, Information Security Management System(ISMS) certification guideline, 2013.

10.
Korea Internet and Security Agency, Personal Information Management System(PIMS) certification guideline, 2010.

11.
Myung-seong Yim, Tae-seog Jeong and Jung-min Lee, "A suggestion for information security awareness of finance firms," Journal of Security Engineering, 11(6), pp. 479-798, Dec. 2014. crossref(new window)

12.
National Information Society Agency, Personal Information Protection Level(PIPL) guideline, 2015.

13.
National IT Industry Promotion Agency, Domestic and international research trends on information security management system certification, 2011.

14.
Sung-ju Park and Jong-in Lim, "A study on the development of SRI(Security Risk Indicator)-based monitoring system to prevent the leakage of personally identifiable information," Journal of the Korea Institute of Information Security and Cryptology, 22(3) pp. 637-644, Jun. 2012.

15.
The Boannews, "Visualization of integrating the information security certifications...what are the priorities?," 2014.08.11.

16.
Yong-hun Kim, "Inter-ministration competition in government public key infrastructure," Korean Republic Administration Review, 34(3), pp. 93-109, Nov. 2000.

17.
Yeong-jin Shin, "A study on technological protection measures improvement for personal information security," The Journal of Public Policy and Governance, 8(1), pp. 69-103, Jun. 2014.