CRAMM을 이용한 정보시스템 위험관리 ; 신용카드회사 사례연구The Risk Management of Information System Using CRAMM - Case of a Korean Credit Card Company -
As companies become more dependent upon information systems(IS), the potential losses of IS resources become critical. IS management must assume the increasing responsibility for protection of IS resources as the IS and business environments become more vulnerable to various threats. The major issues facing management, when attempting to manage risks, include the assessment of the impact of risks on business objectives and the design of security safeguards to reduce the unacceptable risks to an acceptable level. This paper provides a case study of the risk management for IS. A Korean credit card company which has the high sensitivity for customers security was selected as a case. The risk management procedure using a powerful tool, CRAMM(the Central Computer and Telecommunications Agencys Risk Analysis and Management Method) was applied for this company.
- Publisher
- 한국경영정보학회
- Issue Date
- 2000-06
- Language
- Korean
- Citation
ASIA PACIFIC JOURNAL OF INFORMATION SYSTEMS, v.10, no.2, pp.149 - 176
- ISSN
- 1229-0270
- Appears in Collection
- MT-Journal Papers(저널논문)
- Files in This Item
- There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.