MANAGEMENT OF INFORMATION SECURITY FROM DEVELOPMENT STAGE BY APPLYING COBIT GUIDELINES

COBIT is a collection of good processes and practices for IT governance. It offers the effective measures, indicators and activities for enterprise. COBIT has also been applied to many other governance, e.g. security governance, software process IT services management. Since COBIT is general-purpose, it requires expert knowledge for the implementation of each application. Although the guideline of security management are also published, we examined the contents of COBIT and defined a framework which specializes in information security engineering from the guideline. This paper presents the framework along with its application in development of information systems t. The framework effectively utilizes the COBIT-based security management and solves various subjects of security in the development.