CONTROL ITEM AND COMPLIANCE MANAGING SYSTEM CAPABLE OF ACCEPTING GENERAL-PURPOSE REGULATIONS AND RULES OF INFORMATION SECURITY MANAGEMENT SYSTEM

摘要

The present invention relates to a control item and compliance managing system capable of accepting general-purpose regulations and rules, more specifically, to a control item and compliance managing system capable of accepting general-purpose regulations and rules of an information security management system capable of optimum security control according to a scale and a feature of a group by optimizing control items. The control item and compliance managing system capable of accepting general-purpose regulations and rules of an information security management system comprises: a control item managing unit (110); a security evaluation item selecting unit (120) for selecting a security evaluation item from an integrated control system DB (210); an index optimization managing unit (130); an improvement index managing unit (140); a feedback processing unit (150) for performing a feedback work which changes reference information of a business reference DB (220); the integrated control system DB (210) for storing major security check control items; the business reference DB (220); an index DB (230); an improvement reference DB (240); a previous evaluation result DB (250) for storing previous evaluation results; and a current evaluation result DB (260) for storing currently inputted evaluation results.;COPYRIGHT KIPO 2016