iso 20000과 효과적인 itsmju12.tistory.com/attachment/cfile8.uf@... · · 2015-04-27머 리...
TRANSCRIPT
-
Service Management Guide
ISO 20000 ITSM
-
?
IT ISO/IEC 20000 2005 12 3
. IT 2007 7
KS 20000
.
BSI 2007 ISO 20000 63
ISO 20000 80% . ISO 20000
IT
.
ISO 20000
IT .
ISO 20000
.
.
.
.
(www.blueprint.or.kr)
(www.kolonbenit.com) ,
CNI (www.dongbucni.com)
25,000
.
.
-
1 ITSM ISO 20000 6
PART 1: ITSM ...........................................................................................................8 IT (ITSM) 8 ITIL(IT Infrastructure Library) 8 IT (itSMF) 10 11 ITSM IT Governance 12 ITSM Six Sigma 13
PART 2: ISO ................................................................................................14 ISO 14 ISO 15 ISO 15 16
PART 3: ISO 20000..........................................................................................................18
ISO 20000 19 ISO 20000 20 ISO 20000 20 ISO 20000 21 ISO 20000 22 ISO 20000 26 / 27
2 ITSM 30
PART 4: ITSM ................................................................................................32 ITSM : 32 ITSM : Set-up 32 ITSM : As-Is 33 ITSM : To-Be 36 ITSM : 39 ITSM : 41 ITSM : 41
PART 5: ISO 20000 ................................................................................43 43 ISO 20000 44
3 ITSM 49
PART 6: ..............................................................................................50 ? 50 51 57 59
PART 7: ................................................................................61 PDCA 61 (Plan) 64 (Do) 67 (Check) 70 (Act) 72
-
79
PART 8: (Delivery) ........................................................................82 (Service level management) 82 (Service reporting) 85 (Service availability management) 87 (Service continuity management) 90 IT (Budgeting and accounting) 94 (Capacity management) 96 (Information security management) 98
PART 9: (Relationship) ...........................................................................101 (Business relationship management) 101 : (Supplier management) 104
PART 10: (Resolution) ............................................................................109 (Incident management) 109 (Problem management) 113
PART 11: (Control) .................................................................................116 (Configuration management) 116 (Change management) 122
PART 12: (Release) ..............................................................................127 (Release management) 127
- ITSM .......................................................................132
- ITSM .............................................................................................136
- ITSM ...................................................................................139
- ITSM ..........................................................................................146
.......................................................................................................................162
-
1 ITIL 3 ......................................................................................9
2 (: ITIL V3 ) ................................ 11
3 IT (: Gartner, 2005 9).............................. 12
4 IT Governance (: AS 8015:2005) ................................................... 13
5 ISO ............................................................................ 15
6 ................................................................ 16
7 ISO/IEC 20000 ....................................................... 23
8 ISO 9001 ISO 20000 ................................................................. 27
9 ISO 20000 ITIL ....................................................................... 29
10 ITSM ................................................................................ 32
11 ................................................................................. 44
12 ......................................................................... 45
13 ............................................................... 46
14 .................................................................... 47
15 The Shewhart Cycle(: )....................................................... 61
16 --- ........................... 64
17 (The Deming Cycle)............................................................. 76
18 (: ITIL V3 CSI)............................................ 77
19 7 (: ITIL V3 CSI) .................................................. 78
20 ................................................................ 84
21 ............................................................................. 92
22 ................................................................... 110
23 .......................................................................... 111
24 ............................................................................... 111
25 ........................................... 124
26 ............................................................................ 136
27 .................................................................. 136
28 .............................................................................. 137
29 ............................................................... 137
-
PART 1: ITSM 6
1 ITSM ISO 20000
ISO/IEC 20000( ISO 20000) IT ( ITSM)
. ISO 20000
. ITSM ITIL(IT Infrastructure
Library) ISO 20000 .
ITSM IT
.
(Service) ()
. , ,
.
.
() .
.
,
.
, ,
.
, .
.
.
, ,
,
.
IT ITIL V2 ,
IT IT , , IT , ,
.
IT ITIL V2 (delivery) (support)
ITSM ITSM (operation)
. ISO 20000
-
ISO/IEC 20000 ITSM
7
COBIT IT ITIL
V3 ITSM IT .
IT IT ,
.
-
PART 1: ITSM 8
PART 1: ITSM
ISO 20000 ITSM ITSM ITIL .
ITSM ITSM ITIL . ITSM EA, BPM
ITIL ITSM .
IT (ITSM)
ITIL
(facilitate) .
, ,
IT
. IT .
IT
IT
IT
ROI
IT
IT
ITIL(IT Infrastructure Library)
OGC(Office of Government Commerce) 1989 ITIL IT
(IT Service Management) (Best Practice)
.
ITIL IT 31 2(ITIL
V2) 7 . 2007 3(ITIL V3)
5 (Core books) (Official
Introduction) .
-
ISO/IEC 20000 ITSM
9
1 ITIL 3
ITIL V3
(Service Strategy)
,
, , ,
(Service Design)
IT
(Service Transition)
,
(Service Operation)
,
,
,
(Continual Service
Improvement)
,
, ,
-
PART 1: ITSM 10
ITIL .
IT
,
IT (itSMF)
itSMF IT Service Management Forum 1991 IT
. itSMF
. itSMF itSMF (Chapter) 2008
-
ISO/IEC 20000 ITSM
11
6,000 40 70,000
. itSMF ,
.
itSMF(itSMF Korea) 2004 9 2005 ITSM
ITIL .
ITIL
ISO 20000
IT
, ,
Service Talk
ITIL (ITIL Certification Board) OGC, ISEB & EXIN
ITSM . ITIL V3 SEI(Software
Engineering Institute) (CMM)
.
IT CoBIT 3 (capability), (control),
(coverage) .
ISO 20000
.
2 (: ITIL V3 )
-
PART 1: ITSM 12
3 IT (: Gartner, 2005 9)
ITSM IT Governance
IT . ITSM IT
IT AS 8015(AS 8015-2005 Corporate governance of information
and communication technology) .
ITSM IT ( , )
. AS 8015 IT IT
, ITSM .
-
ISO/IEC 20000 ITSM
13
4 IT Governance (: AS 8015:2005)
ITSM Six Sigma
2007 itSMF itSMF Six Sigma for IT Management
6 IT .
ITIL 6 , ITSM 6 , 6 IT
.
.
-
PART 2: ISO 14
PART 2: ISO
ISO(International Organization for Standardization, ) 1947
157 . ISO
(International Organization for Standardization)
( IOS, OIN - Organisation internationale de
normalisation) ISO , ISO (equal)
isos .)
ISO
ISO , , , ,
.
.
, , .
.
, ,
.
ISO 2007 5 (Member body) 104,
(Correspondent Member) 43, (Subscriber Member) 9 156
, . () KBS(Korean Bureau of
Standards) 1963 ISO ,
1997 (KNITQ: Korean National Institute of Technology
and Quality) , 1999 (KATS: Korean
Agency for Technology and Standards) .
ISO (Council) (General Assembly), (Central
Secretariat), (Technical Management Board), (Policy
Development Committee), (Council Standing Committee), (Ad
hoc Advisory Group) , (Technical
Committee) .
ISO 20000 (Information Technology) JTC1(Joint Technical
Committee, IEC ) .
ISO 6 , ISO/IEC
(Directive) . ISO , TC/SC , ,
-
ISO/IEC 20000 ITSM
15
, ISO ,
.
5 ISO
0. PWI
1. NP
2. WD
3. CD
4. ( ) DIS
5. FDIS
6. ISO
IEC International Electrotechnical Commission
. ISO 20000 IEC ISO/IEC (Directive)
ISO ISO IEC .
ISO
ISO .
, .
.
, .
.
.
.
.
ISO
ISO , ,
.
-
PART 2: ISO 16
. .
,
.
.
, .
,
(a level playing field)
.
,
. , ,
.
ISO ISO 9001 ISO 14001 (Management Standards)
(Practice) (requirements) ISO
.
1.2
IT ISO/IEC 20000( ISO 20000) .
6
(Sector) (Standard)
(Food safety) ISO 22000:2005
(Information security) ISO/IEC 27001:2005
(Supply chain security) ISO 28000:2007
(Automotive) ISO/TS 16949:2002
(Petroleum and gas) ISO 29001:2003
(Medical devices) ISO 13485:2003
(Education) IWA 2:2007
(Health care) IWA 1:2005
(Local government) IWA 4:2005
ISO 20000 (certification) (management system)
(,
-
ISO/IEC 20000 ITSM
17
the certificate) . (registration)
.
.
(accreditation) .
(certification body) ISO 20000
- (accreditation) -
. .
ISO (
) () .
ISO 20000 (scheme) itSMF 3
.
-
PART 3: ISO 20000 18
PART 3: ISO 20000
ISO 20000 IT (ITSMS: IT Service management system)
. ITSMS
IT IT .
ISO 20000 IT IT
. ISO 20000
IT (itSMF) BS 15000 .
ISO 20000 .
(: ISO 9001) ---
(PDCA, Plan-Do-Check-Act ). ISO 20000 ITIL(IT Infrastructure
Library) .
ISO 20000 IT , IT
(ISO/IEC 20000-1:2005) (ISO/IEC
20000-2:2005) .
ISO/IEC 20000-1:2005 (ITSM. Specification for Service Mgmt) IT
IT , , . Shall
(~ ) , .
ISO/IEC 20000-2:2005 (ITSM. Code of Practice for Service Mgmt) ISO 20000-1
.
IT IT
ISO 20000 .
ISO 20000 2005 12 BS 150000 ISO 20000
.
ISO/IEC 20000-1:2005 Part 1: Specification
ISO/IEC 20000-2:2005 Part 2: Code of practice
2008 3 3 4 .
ISO/IEC 20000-3:2007 Part 3: Scoping and applicability
ISO/IEC 20000-4:2007 Part 4: Service Management Process Reference Model
, ISO 20000 .
BIP 0005: A Managers Guide to Service Management
BIP 0015 IT Service Management: Self-assessment Workbook ( ITIL V2
-
ISO/IEC 20000 ITSM
19
ITIL V3 .)
ISO 20000 1 2 2007 .
KS X ISO/IEC 20000-1:2007 --1:
KS X ISO/IEC 20000-2:2007 --2:
ISO 20000 IT .
IT ITIL(IT Infrastructure Library) . ISO
20000-1
.
(managed service) , ,
ISO 20000
.
ISO 20000 IT , IT
. ,
.
, ,
.
, . IT
,
. ISO 20000 .
IT (ITSMS) ( )
IT , IT
. ISO 20000 IT ,
IT .
-
PART 3: ISO 20000 20
ISO 20000
ISO 20000 .
.
.
a
b
c IT
d
e
f
.
IT IT (SI )
IT
IT ,
ISO 20000
ISO 20000
ISO 20000 .
IT ,
IT
,
IT
IT
ISO 20000 .
-
ISO/IEC 20000 ITSM
21
ISO 20000 ITIL(IT Infrastructure Library) Best Practice
.
ISO 20000 . (: ISO 9001)
PDCA
.
, .
6 /
.
ISO 20000
ISO 20000 4 .
(Management commitment)
(Process based system)
(Performance improvement & effective management)
(Customer satisfaction)
-
PART 3: ISO 20000 22
4 IT 8 . ISO 20000
8 .
(Customer focus)
. ,
.
(Leadership)
.
.
(Involvement of people)
.
.
(Process approach)
.
(System approach to management)
.
(Continual improvement)
.
(Factual approach to decision making)
.
(Mutually beneficial supplier relationship)
,
.
ISO 20000
ISO 20000 5 . ,
ISO 20000
, .
(Service Delivery Processes) , ,
(Relationship Processes)
-
ISO/IEC 20000 ITSM
23
(Resolution Processes)
(Control Processes) ,
(Release Process) /
7 ISO/IEC 20000
ISO 20000
(managed service) .
IT
: ITSM , ,
, ITSM , ,
,
: , , SLA ,
, ,
,
, , ,
: , , ,
-
PART 3: ISO 20000 24
(Plan)
: (SMP), ,
(Do)
: , , , ,
,
(Check)
,
: , ,
(Act)
: , , ,
, , , ,
,
.
: , , ,
, ,
, , ,
: , , SLA , SLA ,
,
: ,
.
: , ,
, , ,
,
-
ISO/IEC 20000 ITSM
25
IT
: , ,
/, , ,
: , , ,
, , , //
: , ,
, , ,
: , , /SLA ,
, , ,
: , ,
, , / ,
, , ,
, ,
: , , , ,
,
: , , , ,
, ,
-
PART 3: ISO 20000 26
: , ,
, , , , ,
, , DML, CMDB,
, ,
: , //, ,
, , , ,
,
: , , , ,
, , , , ,
ISO 20000
(1995)
PD 0005: 1995/1998 (A code of practice for Service
Management)
(2000)
BS 15000-1: 2000 (Specification for Service Management)
PD 0015: 2000 IT (IT Service Management Self-
assessment Workbook)
(2002/3)
BS 15000-1: 2002 1 (Specification for Service Management)
BS 15000-2: 2003 2 (Code of Practice for Service
-
ISO/IEC 20000 ITSM
27
Management)
BIP 0005:2003 IT (IT Service Management: A Managers
Guide)
PD0015: 2002 IT (IT Service Management Self-assessment
Workbook)
(2005)
BS 150000 ISO 20000 .
ISO 20000 /
ISO 20000 ISO 9001 . ISO 20000
ISO 9001, ISO 27001 .
8 ISO 9001 ISO 20000
ISO 9001 ISO 20000
4 4.1
4.2 3.2
4.2.1
4.2.2
4.2.3 3.2
4.2.4 3.2
5. 3.1
5.1 3.1
5.2 3.1
5.3
5.4 4.1
5.5 ,
5.6 3.1
6 6.1 4.2 (Do)
6.5
6.2 4.2 (Do)
6.5
6.2.2 , 3.3 ,
6.3 4.2 (Do)
-
PART 3: ISO 20000 28
6.4 4.2 (Do)
7. 7.1 6.1
7.2 7.1
6.1
7.3 5.
7.4 7.3
7.5 4.2 (Do)
7.5.1
7.5.2
4.3 , (Check)
7.5 9.1
9.2
10.1
7.5.4
7.5.5 9.1
9.2
10.1
7.6
8. , 8.1 4.3 , (Check)
6.1
8.2 4.3 , (Check)
8.2.1 7.1
8.2.2 4.3 , (Check)
8.2.3
6.2
8.2.4 6.1
8.3 8.1
8.2
8.4 4.3 , (Check)
6.2
8.5
8.5.1
8.5.2
8.5 3
4.4
-
ISO/IEC 20000 ITSM
29
ISO 20000 ITIL . ISO 20000 IT
, ITIL ITSM
.
9 ISO 20000 ITIL
-
PART 3: ISO 20000 30
2 ITSM
ITSM IT (PI) .
. ITSM ITSM
. ,
IT
.
ITIL V2 ISO 20000
.
ITSM .
Phased VS Big-bang
ITIL ISO 20000 .
(: ) (: )
.
ITSM
ITSM .
Case 1 ITIL ITSM
ITSM
ISO 20000
, ,
.
.
ISO 20000
.
Case 2 ISO 20000
ITSM
.
.
.
Case 3 ISO 20000
-
ISO/IEC 20000 ITSM
31
.
-
PART 4: ITSM 32
PART 4: ITSM
ITSM ITSM Case 3 .
ITSM :
ITSM Set-up, As-Is, To-Be, , , 6
.
10 ITSM
ITSM : Set-up
(SU100)
(CSR) .
IT
.
IT
IT
-
ISO/IEC 20000 ITSM
33
. IT
. .
.
IT
IT IT ITSM
.
IT (SU200)
IT ( ), ,
( ) .
.
()
SLA
.
, ,
, .
//(Mega process/Process/Sub process)
.
ITSM : As-Is
IT (AI100)
, , ITIL ISO 20000 IT
.
-
PART 4: ITSM 34
.
.
IT (AI200)
ITIL ISO 20000 IT .
, .
IT
SWOT
IT
SWOT .
1. ITSM ( )
ITSM ( , )
( / )
(Owner)
2.
(, )
( , )
-
ISO/IEC 20000 ITSM
35
( , , )
3.
,
(, , )
4.
5. ,
( )
,
6.
IT (AI300)
IT , .
( ) .
. /
.
(AI400)
-
PART 4: ITSM 36
/
.
() .
.
, , .
,
.
, ,
.
ITSM : To-Be
ITSM (TB100)
ITSM TO-BE . ITSM 8 8
, , , , , , , .
.
-
ISO/IEC 20000 ITSM
37
IT
.
. OLA .
, , ,
.
(TB200)
ITIL ISO 20000 , , , ,
.
ITSM
ITSM
ITSM
ITSM
ITSM
ITSM
ITSM
ITSM
(//) .
ITSM
, .
// .
ITSM
.
.
ITSM
.
RACI . .
(TB300)
ITSM
ITSM .
-
PART 4: ITSM 38
ITSM
.
.
.
ITSM / ,
.
(TB400)
, .
/
(
)
/
5W1H
.
.
.
-
ISO/IEC 20000 ITSM
39
.
. ,
, .
/
.
ITSM :
(TR100)
TO-BE ,
.
ITIL, ISO 20000
.
.
(TR200)
.
.
-
PART 4: ITSM 40
.
ITSM . ISO 20000
( )
( ) .
.
.
.
(TR300)
.
(
)
.
.
. .
.
-
ISO/IEC 20000 ITSM
41
.
ITSM :
(IS 100)
, .
, , . ,
, .
.
.
ITSM :
(CSI100)
.
-
KPI
.
-
PART 4: ITSM 42
.
.
SMART
(CSF)
SWOT
-
-
ISO/IEC 20000 ITSM
43
PART 5: ISO 20000
, ,
ISO 20000 .
LRQA() Korea - http://www.lrqa.co.kr
BSI() Korea - http://www.bsigroup.co.kr/ko-kr
. .
.
,
.
.
.
ISO 20000
(
) .
.
ISO 20000 (managed service)
.
,
.
.
.
.
ISO 20000 1 .
ISO 20000
.
.
-
PART 5: ISO 20000 44
(: , )
(: )
ISO 20000
ISO 20000
.
?
?
?
?
Gap ?
, , ?
ITSM ?
?
?
?
, ?
?
11
-
ISO/IEC 20000 ITSM
45
1.
Stage1, 2
.
12
(M/D)
Stage 1 Stage 2
1 10 1 1
11 25 1 2
26 45 2 2
46 65 2 3
66 85 2 4
86 125 2 5
126 175 2 6
176 275 2 7
276 425 2 8
426 625 2 ~ 3 8 ~ 9
626 875 2 ~ 3 9~ 10
2.
,
. ( )
3.
.
4.
1 (), 2 ()
.
1 2 1 (1
).
-
PART 5: ISO 20000 46
5. ()
1
6. (1 )
.
.
.
, , ,
.
(, , , )
, ,
(// ,
)
(, , )
13
ISO 20000
7.2
.
5.1
(ITSM
SLM
)
-
ISO/IEC 20000 ITSM
47
7.
.
.
8.
.
, .
14
Major NC
()
Major Non-
Conformity
/
.
(ISO
20000 )
.
/ .
Minor NC
()
Minor Non-
Conformity
, ,
.
RC Require
Correction
(
correction, corrective action )
.
SFI Scope for
Improvement
.
9.
.
, ,
.
-
PART 5: ISO 20000 48
10.
.
,
3 .
11.
6 ,
.
3 ,
.
-
ISO/IEC 20000 ITSM
49
3 ITSM
3 ITSM ISO 20000 . IT
ISO 20000 . ISO 20000 1
ITIL V2, ITIL V3 ISO 20000 2
.
ISO 20000 ISO 9001 ISO 9000 ISO 9001 ISO
20000 .
.
(Terry Neil)
-
PART 6: 50
PART 6:
?
(Management system) IT
.
Management System ITSM IT
ITSMS IT .
,
(input) (output) ,
.
IT(ITSMS) ,
, ITSM ,
.
.
IT , .
?
-
- (: )
-
?
-
-
-
-
-
- ,
-
ISO/IEC 20000 ITSM
51
?
- ()
-
-
-
?
-
-
-
-
- ,
1 , ,
2 ,
3
4
5
6 , , , ,
(: , )
7
8 ,
ITSM , , , ITSM , ,
0.
(service management): ISO 20000
ITIL V3
-
PART 6: 52
(capabilities) .
(top management): . IT
IT .
(ISO 9000:2000)
1. , ,
(leadership) ,
,
.
ITSM
. .
ITSM .
, ITSM
.
CEO ITSM .
.
ITSM .
ITSM .
ITIL .
.
.
.
(, Lao Tsu),
2. ,
.
-
ISO/IEC 20000 ITSM
53
(, , , ) ( ,
) . ,
.
3.
.
, .
,
,
.
B. (Cecil B. De Mille),
.
.
.
.
.
. ( 3
. .)
4.
ISO 20000 .
. ITSM .
.
.
5.
-
PART 6: 54
, (ISO 9001
).
.
.
6. , , , , (:
, )
. ITIL V3
.
(Financial capital)
(Infrastructure)
(Applications)
(Information)
(People)
7.
.
8. ,
ISO 20000 ISO 9001
ISO 20000 ISO 9001
.
.
ITSM
-
ISO/IEC 20000 ITSM
55
(Business
Impact Analysis and Risk Assessment) .
.
.
.
?
?
/ ?
?
?
, ?
.
Step 1 (Identify Information Assets)
, , ,
.
.
(: )
(: ,
). (: CRM
, )
2
.
Step 2 (Aggregate and Prioritize the Assets)
, , . ,
, , , / .
-
PART 6: 56
.
.
.
.
(Critical) .
(Essential)
.
(Normal)
.
Step 3 (Identify Risks)
( )
.
. .
.
Step 4 (Prioritize Risks)
.
.
.
.
Step 5 (List and Define Risks)
.
.
Step 6 (Reference Risks to Critical Assets)
. .
.
Step 7 (Recommendations for Resolving Risks)
-
ISO/IEC 20000 ITSM
57
.
(:
, )
(, )
. .
- S. ,
.
- ,
1 ,
2
3
4
5
6 , , , ,
, , SLA , , ,
0.
(document): .
. , , ,
.
(record): .
, , ,
.
-
PART 6: 58
(Process):
. .
.
.
(Procedure): .
.
.
1. ,
, , . IT
.
. ,
. .
,
2. ( )
3. ( )
4. ( )
5. ( )
6. , , , ,
IT .
,
-
ISO/IEC 20000 ITSM
59
,
,
.
IT
.
, .
, , , ,
.
1
.
2
.
3 ,
.
, , ,
0.
(competence):
.
1. .
, , .
.
-
PART 6: 60
() (/ )
.
2. .
.
.
.
ITSM IT ITSM ,
.
HR
.
.
3. ,
.
MBO(Management by Objective)
.
.
E.M. ,
-
ISO/IEC 20000 ITSM
61
PART 7:
PDCA
--- .
--- .
a : ;
b : ;
c : , , , ;
d : .
---(PDCA: Plan-Do-Check-Act)
15 The Shewhart Cycle(: )
PDCA (Dr. W.
Edwards Deming) . PDCA (Shewhart cycle)
. PDCA "Plan, Do, Study, Act" (PDSA)
.
PDCA (Francis Bacon) (Novum Organum, 1620)
. --(hypothesis - experiment - evaluation)
, (Plan, Do, and Check) .
(, specification), (production), (inspection) 3
( ) . ,
. (tolerance range)
,
.
-
PART 7: 62
.
1950
, , , . , , ,
.
PDCA PDSA .
PDCA (iteration).
. PDCA
.
6 PDCA , , , , (DMAIC: Define, Measure,
Analyze, Improve, Control) . DMAIC
.
PDCA
.
.
PDCA ()
.
( ) . (Kaizen,
) PDCA (jump)
( 'breakthroughs').
.
.
.
. , , ,
, , .
(Plan)
? ?
? ?
?
?
?
?
?
-
ISO/IEC 20000 ITSM
63
(Do)
?
?
?
?
?
(Check)
?
?
?
?
?
, ?
(Act)
?
?
Follow-up ?
, ?
?
?
-
PART 7: 64
/
, , ,
, , IT
/
, ,
,
, ,
16 ---
(Plan)
1
2 , , , ,
3
(SMP), ,
0.
(Service Management Plan, SMP): .
SMP . IT
. (: , )
1.
.
-
ISO/IEC 20000 ITSM
65
,
, ,
, ,
,
IT .
(SMP) ,
, .
.
( )
( )
.
,
ITSM
ITSM .
-
PART 7: 66
(, , , , )
( , )
( )
( )
(, , , 5W1H)
(BIA: )
( )
( )
( ?)
IT (ITSMS) , , ,
. .
ITSM ( )
,
.
/
/ (PDCA)
IT (ITSMS) .
,
-
ISO/IEC 20000 ITSM
67
2. , , , ,
. (: , , , )
3. ( )
(Do)
1
2
3
4 , , ,
5
6 ( ,
, )
7
8
9
, , , ,
0. ( )
1. ( )
2. ( )
3.
. (: )
4. , , ,
( )
-
PART 7: 68
5. ( )
M_o_R .
6. ( , ,
) ( )
7. ( )
8.
ITSM
SLA
MBO
9.
.
.
-
ISO/IEC 20000 ITSM
69
M_o_R
M_o_R Management of Risk OGC
. .
(Principles)
12 .
(context)
(supportive)
.
.
, ,
5 .
(Reduction)
-
PART 7: 70
(Removal)
(Transfer)
(Retention)
(Share)
.
(Identify)
(Assess)
(Plan)
(Implement)
. .
.
.
- (Alfred Adler),
(Check)
1
2
3 ISO 20000
4 ,
5 , ,
6 (
)
7 ,
-
ISO/IEC 20000 ITSM
71
8
, ,
0.
(audit):
,
(audit program):
1.
, ,
. , , .
2.
( , )
.
3. ISO 20000
.
4. ,
.
-
PART 7: 72
,
( )
IS0 19011 .
5. , ,
.
6. (
)
.
7. ,
, , ( ) , , .
8.
, .
(Act)
.
1
2 ISO 20000 (, , ,
)
3
4 , ,
5 , ,
6
,
7 ,
-
ISO/IEC 20000 ITSM
73
8
9 , ,
10
11 ,
12 , ,
13
, , , , ,
, , ,
0.
(Improvements): '' ,
(
.
)
(Benefits):
ROI(Return on Investment):
( )
VOI(Value on Investment):
. ROI VOI
1.
.
.
, , .
2. ISO 20000 (, , , )
( ), ( ), (
) .
3.
. ITIL V3
-
PART 7: 74
.
4. , ,
IT ,
.
5. , ,
.
(:
)
. .
.
.
.
.
.
.
.
, .
.
: , ,
: , (), ,
, ,
:
.
. ,
.
-
ISO/IEC 20000 ITSM
75
6.
,
.
.
gap
( ) .
.
7. ,
, .
.
TIP (improvement)
.
8.
TIP ,
.
. (: , )
9. , ,
: , , ,
: , /,
: , ,
10.
TIP , , /, ,
.
11. ,
TIP
.
-
PART 7: 76
12. , , ( )
13.
TIP ,
.
(W. Edwards
Deming, 190093) .
PDCA(
---)
.
17 (The Deming Cycle)
-
ISO/IEC 20000 ITSM
77
18 (: ITIL V3 CSI)
ITIL V3
. 1 IT
.
?
, .
1
IT 1 .
?
.
5 5
.
?
.
2008 3 .
?
.
, ,
.
?
.(
.) 2008
-
PART 7: 78
12 3 .
?
, .
ISO 20000
. , .
19 7 (: ITIL V3 CSI)
7 , .
1
.
.
2
.
. ,
, .
3
.
-
ISO/IEC 20000 ITSM
79
,
, .
4
.
. , ,
.
5
(, , , ) () .
, , , .
6
.
. , , ,
.
7
, , , , .
, ,
.
.
1
, , ,
2
3
4 ()
5
-
PART 7: 80
6 ,
7 (PIR)
, , , , ,
0.
(New or Changed Service):
,
.
(Request fulfillment)
(Operational change) ()
.
/ . (
Major, Minor Major
.)
.
1. , ,
,
.
, ,
?
( )
( , ) ? (,
, , )
?
?
2.
.
-
ISO/IEC 20000 ITSM
81
3.
( )
4. ()
.
, ,
(: , )
, , , (: ,
)
5.
TIP (Acceptance Criteria) .
6. ,
TIP , .
7. (PIR) ( )
-
PART 8: (Delivery) 82
PART 8: (Delivery)
(Service level management)
1
2 (SLA) , ,
.
3 (OLA),
4
5
6
7
8
, , SLA , SLA , ,
0.
(SLA: Service Level Agreement):
. IT . SLA IT
IT . IT
SLA .
(service catalog):
. IT
.
IT ()
. .
-
ISO/IEC 20000 ITSM
83
1.
TIP .
2. (SLA) , ,
SLA (, , ) .
3. (OLA),
OLA , .
4.
.
.
5.
TIP SLA .
6.
TIP .
.
7. ( )
8.
( )
SLA
-
PART 8: (Delivery) 84
.
1 3 4
SLA
SLA
SLA
SLA
2
1.1
SLA
1.2
1.3
1.4
2.1
2.2
2.3
2.4
2.5
2.6
3.1
3.2
3.3
4.1
4.2
4.3
4.4
4.5
20
(SLM)
(SLM)
.
,
, , ,
(SLA) . (SLA)
.
,
.
,
, (SLA)
.
.
-
ISO/IEC 20000 ITSM
85
,
,
, , , ,
(SLA) ,
(SLA) .
(SLA) ,
, , , , .
(SLA) ,
(SLA) ,
.
(SLM)
, , , ,
, , .
(SLA) .
(SLA) .
.
(Andrew Carnegie)
(Service reporting)
.
1 , , ,
2
3
-
PART 8: (Delivery) 86
,
0. ( )
1. , , ,
:
) (, )
:
) ISO 20000, , ,
:
) , , , ,
:
) (), , ,
:
) , , ,
:
) , ,
,
2.
,
-
ISO/IEC 20000 ITSM
87
3.
8 .
ITSM
.
. ISO
20000
.
(Service availability management)
1
2 ,
3
1
4
5
6
7
8 (
)
, , , ,
0.
(Availability):
-
PART 8: (Delivery) 88
.
.
IT .
(Reliability), (Maintainability), (Serviceability), (Performance)
(Security) .
(Service Time) (Downtime) . IT
.
ISO 20000
ITIL .
.
(Continuous Availability 100% ),
.
,
.
.
1.
.
(High availability) , (outage) ,
. ( )
(Continuous operations) 24, 7
. ( )
(Continuous availability) 24, 7
.
2. ,
:
:
-
ISO/IEC 20000 ITSM
89
.
KPI . ( )
: , ,
3.
1
TIP SLA, SLA, 1 .
,
.
4.
.
5.
( )
. .
6.
TIP RFC
. (: , , )
7. ( )
8. (
)
.
. ,
, , .
-
PART 8: (Delivery) 90
ISO 9001, ISO 20000, ISO 27001, BS 25999
() . 1
.
.
.
(Service continuity management)
1
2
1 ( )
3
4
5
6 , ,
.
7
8
, , , ,
,
0.
IT (ITSCM) (BCM): ISO 20000 IT
IT
.
(BCM)
-
ISO/IEC 20000 ITSM
91
. BCM , , .
BCM
. BCM IT ,
.
(RTO: Recovery Time Objective): IT
. . IT
, , .
(RPO: Recovery Point Objective): ,
. . ,
1 1 , 24
. IT , , ,
IT .
1.
, SLA, (BIA) RTO, RPO
.
24, 7
DR(Data Recovery) ISO 20000
.
.
2.
1 (
)
TIP , ,
.
3. (
)
4.
IT
. (6 )
-
PART 8: (Delivery) 92
5. ( )
6. , ,
.
() .
7.
IT .
( ) .
8.
.
, ,
, , .
21
(Immediate Recovery)
(Hot Standby)
IT
(mirroring), (load balancing),
(split site)
(Fast Recovery) 24
(Hot Standby)
, IT
(Intermediate
Recovery)
24~72
(Warm Standby)
(Gradual Recovery) 72
(Cold Standby)
,
-
ISO/IEC 20000 ITSM
93
(Business continuity management, BCM)
BCM 2007 BS 25999
. (Business continuity
management system, BCMS)
.
BCMS .
BCMS ,
BCM BCMS , BCMS
, BCMS
, BCMS
, BCMS
BCMS
BCMS .
BCMS
BCMS
-
PART 8: (Delivery) 94
.
(Sir William Osler),
. .
- (Ralp Waldo Emerson), /
IT (Budgeting and accounting)
ISO 20000 .
.
.
1
2
3
4
, , /, ,
,
0.
: (service-oriented)
, .
(indirect cost): IT .
. .
(asset): .
. . , , , ,
, , , ,
(direct cost): , , IT
. .
-
ISO/IEC 20000 ITSM
95
(cost types): , , (labor), (administration)
(classification): /(capital/operational), /(direct/indirect), /
(fixed/variable), (cost units)
: , ,
1.
.
IT , , , , ,
IT
.
.
.
( ) .
IT . (
)
2.
( )
3.
( )
4. ( )
, ?
, .
-
PART 8: (Delivery) 96
(Capacity management)
.
1
2
3
4 ,
5 , ,
6 (: )
7
8
,
, , , , ,
, //
0.
(capacity): IT
. CI , .
: IT IT
. ,
IT .
: IT .
,
.
1.
, , , (),
. (
.)
, .
-
ISO/IEC 20000 ITSM
97
TIP ITIL V3 .
2.
, , .
IT
IT
IT ,
IT
, ,
3.
(),
(OS,DBMS ) .
(
.
.)
4. , ( )
5. , ,
.
6. (: )
IT
IT .
7.
TIP ITIL V3
-
PART 8: (Delivery) 98
8. ,
, , .
(Information security management)
ISO/IEC 17799 -
.
1
2
3
4 ,
5
6
7
8
9 ,
10
, , , ,
,
0.
(ISMS: Information Security Management System):
ISO ISO 27000 Family ISMS
.
-
ISO/IEC 20000 ITSM
99
ISO 27000 (Vocabulary and Definitions): 2008/2009
ISO/IEC 27001:2005 (ISMS Requirements): 2005 10
ISO/IEC 27002:2005 (ISO 17799) (Code of Practice): 2007 7
ISO 27003 (Implementation Guidance): 2008/2009
ISO 27004 (Metrics and Measurement): 2008/2009
ISO 27005 (BS-7799-3) (Risk Management): 2008/2009
1.
( )
2.
ISO 27000 , ISO 20000
.
,
3.
ISO 20000
.
IT
IT
. (: , )
()
. (: ,
, , IT )
4. ,
-
PART 8: (Delivery) 100
ISO 20000 ISO 27001
.
.
5.
.
6.
(/) .
7.
.
8. ( )
9. ,
mechanism [] . . )
() .
10.
( )
.
.
(Benjamin Disraeli),
-
ISO/IEC 20000 ITSM
101
PART 9: (Relationship)
.
, ,
,
.
.
.
.
.
(Business relationship management)
.
1
2 , , ( )
1
3 , ,
4 ,
5 ( ) ,
6 ( )
7 ,
8
9
10 , , , ,
11
12
13
-
PART 9: (Relationship) 102
14
, , /SLA , , ,
,
0.
(customer satisfaction):
.
.
.
(Customer Satisfaction index) .
1.
,
, .
.
. (:
(Business Owner), (Business Unit), .)
2. , , ( )
1 ( )
3. , ,
2 3 SLA .
4. , ( )
5. ( ) ,
, ,
.
-
ISO/IEC 20000 ITSM
103
6. ( )
, .
7. ,
,
, .
8.
.
( :
).
.
9.
.
10. , , , ,
( )
11.
. .
12.
TIP Business relationship manager, Account manager
13.
.
.
.
.
,
-
PART 9: (Relationship) 104
.
.
14.
( )
.
: (Supplier management)
1
2
3 ( ) , ,
4
5
6
7
8 1
9 ( )
10
11
12 ,
13
14
-
ISO/IEC 20000 ITSM
105
, , ,
, / , , , ,
, ,
0.
: ITIL UC(Underpinning Contract) . IT
. IT
. SLA
.
1.
.
, , , ,
,
2. ( )
3. , ,
. ( )
,
, ,
4.
-
PART 9: (Relationship) 106
(SPI)
.
5.
.
6.
IT , , .
SLA , , .
1
2
34
( )
7.
(demonstration) .
( )
.
, ISO 20000
ISO 20000 .
.
8. 1
ISO 20000 ISO 9001
.
-
ISO/IEC 20000 ITSM
107
.
, ,
.
9. ( )
( )
10. ( )
11.
.
12. ,
, ,
.
( )
(, , , )
-
PART 9: (Relationship) 108
13. ( )
14.
( )
-
ISO/IEC 20000 ITSM
109
PART 10: (Resolution)
.
(:
).
.
(Reactive) (Proactive)
.
,
(correction), (corrective action), (preventive
action) .
,
,
.
.
,
.
.
(Incident management)
.
1
2
3 , , , , , ,
,
4
5
6 , ,
-
PART 10: (Resolution) 110
7
, , , , ,
0.
(incident):
. ?
.
IT IT .
. (
)
(service desk):
(SPOC: The Single Point of Contact).
.
22
1.
.
(Failure):
(Request): , ,
(Query):
-
ISO/IEC 20000 ITSM
111
.
, , , ,
ITSM
? .
ITIL 3
(request fulfillment) .
23
2.
, ,
.
.
24
-
PART 10: (Resolution) 112
High Medium Low
High 1 2 3
Medium 2 3 4
Low 3 4 5
1 Critical 1
2 High 8
3 Medium 24
4 Low 48
5 Planning
3. , , , , , , ,
.
, ,
(, )
4.
/, , ,
.
(Web) , , .
-
ISO/IEC 20000 ITSM
113
5.
.
6. , ,
( ),
, ,
. IT .
7.
.
.
.
(Duke Ellington), /
(Problem management)
,
.
1
2
3 , , , ,
4 (:
)
5
6 ,
7
8
-
PART 10: (Resolution) 114
, , , , , ,
0.
(problem): .
.
.
.
(Known-error):
.
.
. ,
.
(KEDB):
. ITIL V3
. (KEDB )
1.
.
(Reactive) :
(Proactive) :
.
ITSM .
(: ) (: KPI )
.
2. ( )
-
ISO/IEC 20000 ITSM
115
3. , , , ,
.
,
(, , )
4.
.
(: , )
,
,
5. ( )
6. ,
, , ,
.
7.
( 6 )
.
.
.
-
8.
( )
-
PART 11: (Control) 116
PART 11: (Control)
(Configuration management)
.
1
2
3
4
5 ,
6 ,
7
8 (: )
9 ,
10
11 (: , , )
,
12 CMDB CMDB
()
13 CMDB ( )
14 , , , ,
15 ,
, , , , ,
, , , , DML, CMDB,
0.
-
ISO/IEC 20000 ITSM
117
(baseline): .
(reference point) (benchmark). , ITSM
IT
IT .
(configuration item, CI):
. , ,
,
.
. IT , , , ,
SLA .
(Configuration management database):
. CMDB
.
CMDB CMDB CI CI .
: ITIL V2 ITIL V3
(SACM: Service Asset and Configuration Management)
( , ).
ITIL V3 .
: .
. . , , ,
, , , , ,
: IT IT
.
CI .
: , (
)
1.
()
.
, , .
. (
.)
.
-
PART 11: (Control) 118
.
.
, .
2. (Financial asset accounting
)
ISO 20000 .
IT .
.
3.
.
,
(: , , , )
, (: )
(: )
,
(: , )
(: , )
(: )
4.
. (S/W, H/W, N/W)
.
/
-
ISO/IEC 20000 ITSM
119
/
/
( )
.
.
5. ,
, . ITSM
.
6. ,
.
CPU CPU,
.
PC PC .
(: RFID) .
. .
, ,
-
PART 11: (Control) 120
,
DML
7.
.
(, , )
,
8. (: )
.
TIP 5 ITSM .
9. ,
.
/
(S/W, Data, )
10.
.
RFC CI
-
ISO/IEC 20000 ITSM
121
11. (: , , )
,
DSL(Definitive Software Library) ITIL
.
: CD, ,
: , ,
( )
12. CMDB CMDB ()
( )
13. CMDB ( )
CMDB .
CI
CI
-
- //
-
-
- CI , , ,
RFC
CI , ,
CMDB
CMDB
14. , , , ,
.
, CI , ,
CI
CI , CI , , CI
CI
-
PART 11: (Control) 122
15. ,
.
IT
CI
.
:
:
(Change management)
, , .
1
2 (RFC) (: urgent, emergency, major, minor)
3 , ,
4 (reverse) (remedy)
5 ,
6
7
8
9
10 , ,
11
12
-
ISO/IEC 20000 ITSM
123
, //, , , ,
, , ,
0.
(change record): ,
.
. (RFC) .
.
.
(request for change):
. RFC . RFC
.
1.
(
) , ,
. (: Major , Minor )
2. (RFC) (: urgent, emergency, major, minor)
, , ,
.
(Standard Change): PC
.
.
(Normal Change): .
(Emergency Change): 119
.
.
(Corrective Change):
(Enhancement Change):
3. , ,
. .
-
PART 11: (Control) 124
.
.
25
4. (reverse) (remedy)
.
.
. ( )
5. ,
.
6.
(Post Implementation Review, PIR) .
?
?
, , , , ,
?
?
?
?
?
7.
-
ISO/IEC 20000 ITSM
125
TIP .
(emergency)
.
.
.
.
CAB/EC .
. ( )
.
8.
(Live Environment)
.
9.
.
,
10. , ,
. .
-
PART 11: (Control) 126
/
11. ( )
12. (
)
-
ISO/IEC 20000 ITSM
127
PART 12: (Release)
(Release management)
,
.
1
2
3 , ,
4 (: , ,
)
5 (reverse) (remedy)
6 ,
7
8
9
10
11
12
13
14
15 , IT
, , , , , ,
, , ,
0.
-
PART 12: (Release) 128
(release): / .
, , , IT
.
(entity) .
(release process): ISO 20000
. ( .)
.
(release management):
, , .
, .
.
1.
.
.
.
, .
,
. ,
.
2.
.
, ,
-
ISO/IEC 20000 ITSM
129
.
(Big bang)
(Phased approach)
rollout
Push and Pull
Push .
.
Pull
(: )
(Automation) (manual)
.
3. , ,
.
, , , .
.
/
/
-
PART 12: (Release) 130
4. (: , ,
) ( )
5. (reverse) (remedy)
( )
6. ,
TIP ITSM .
7. ( )
8.
.
, , .
9. ( )
10.
.
11.
.
.
, , ,
, , ,
, ,
( )
-
ISO/IEC 20000 ITSM
131
12.
( )
13.
.
14.
. (
)
15. , IT
-
- ITSM 132
- ITSM
.
.
(Tom Peters),
ITSM 2~3 IT
ITSM
.
ITSM ITSM
.
ITSM
.
ITSM 4 .
ITSM .
.
.
ITSM .
1. ITSM .
. ITSM
ITSM
.
ITSM ,
IT . ITSM IT
ITSM ITSM
.
A .
A IT ITIL(IT Infrastructure Library) Foundation
. ITSM
, , ITSM
-
ISO/IEC 20000 ITSM
133
.
B.
ITIL ITSM
ITSM .
5-6
. ITSM
.
C.
.
ITSM ITSM
.
ITSM ITSM
.
2. .
ITSM
70% .
ITSM
.
.
.
A.
IT A CEO ITSM
ITIL Foundation ITIL Foundation .
ITSM
1 .
B.
ITSM Kick-Off, , , .
CIO
.
. . ITSM
.
-
- ITSM 134
.
3. .
. ,
.
ITSM 3P(People, Process, Product)
.
. ,
,
.
.
ITIL IT .
,
. ,
. ITSM
.
.
.
.
ITSM
.
ITSM (GUI)
.
ITSM
, .
4. .
ITSM ITSM
. ITSM ITSM
. ITSM
-
ISO/IEC 20000 ITSM
135
. ITSM
.
ITSM .
1) ISO/IEC 20000
ISO20000 , , ,
. 2 6
. ITSM
ISO/IEC 20000 .
2) ITSM KPI
ITSM
(Key Performance Indicator: KPI) ,
.
ITSM .
.
.
.
.
ITSM ITSM
ITSM .
-
- ITSM 136
- ITSM
IT .
IT ,
IT
.
26
27
-
ISO/IEC 20000 ITSM
137
28
29
,
ITSM
-
- ITSM 138
ITSM
IT
, ,
,
IT ,
IT
,
-
ISO/IEC 20000 ITSM
139
- ITSM
IT ,
, ,
.
ITSM
.
IT
ITSM
.
ISO 20000
ITSM KPI(Key Performance Index)
SLA ITSM KPI
, , .
Dashboard SLA ITSM KPI .
KPI , (
KPI
), (: , ),
.
-
- ITSM 140
, SLA Dashboard
.
(SMP)
( , )
SLA
(SLA , )
ITSM
.
ISO 20000
(: )
(: )
IT
ITSM
. ( .)
ISO 20000
IT (Excel , )
(Excel , )
ITSM
.
ISO 20000
ITSM (: )
(: )
(: )
-
ISO/IEC 20000 ITSM
141
ITSM
.
ISO 20000
(BPM)
,
ITSM
.
ISO 20000
SLA ( SLA )
(: )
ITSM
SLA ( , , , )
SLA (, , , )
CI
//
SLA
SLA/OLA/UC
ISO 20000
SLA Dashboard
ITSM
-
- ITSM 142
ISO 20000
IT ( )
( )
( )
( )
( )
ITSM
.
ISO 20000
Dashboard
(CDB: )
CI ( )
( )
CI ( )
( )
( )
(, ) ( )
( )
( )
ITSM
.
ISO 20000
, ,
ITSM
ISO 20000
-
ISO/IEC 20000 ITSM
143
, ( )
ITSM
//
DB
(Queuing) IVR, CTI
/
, ,
,
, Known Error
CI
ISO 20000
.
ITSM
, ,
(Known Error) ,
(Task)
, , ,
-
- ITSM 144
FAQ
ISO 20000
.
ITSM
, , , ,
, ,
CI
(Task)
ISO 20000
(PIR: Post Implementation Review)
PIR
, ()
(, , )
ITSM
,
( )
-
ISO/IEC 20000 ITSM
145
, ,
CI
SLA
ISO 20000
ITSM
, , , Record
Rollback
ISO 20000
(Deploy) ( )
ITSM
.
ISO 20000
, ,
-
- ITSM 146
- ITSM
(Management System)
/
ITSM
/ ITSM . , ,
.
ITSM .
/
.
/
/
ITSM . (), /KPI
, ,
/
6, 12/ . , , ,
6, 12/ .
.
6, 12/ . , ITSM
/ , ,
6, 12/ ITSM
6, 12/
. ,
,
/
(, , , )
/ .
/
IT
.
,
ITSM (, , )
.
/ . (SIP)
-
ISO/IEC 20000 ITSM
147
.
(PIR) .
(Service Delivery)
/
(SoR)
(SLA) / , , ,
SLA / SLA .
SLA 6, 12/ SLA
,
/ (
)
IT
/
/ (, )
(, , )
/ , ,
/ ( ,
)
,
(CDB)
,
(
)
/ , ,
/
( )
/
(, )
-
- ITSM 148
/
, , ,
/
(
)
(Relationship)
/
/ ( ,
, )
/ IT ITSM
, ,
6, 12/
IT
( )
6, 12/
,
(SLA) /
. SLA
SLA
/
SLA
SLA
/
SLA
(Control)
-
ISO/IEC 20000 ITSM
149
/
/
6, 12/ /
(RFC)
CAB (CAB) .
.
(Resolution)
/
(Release)
/
(
)
-
- ITSM 150
(Delivery)
(: , )
-
ISO/IEC 20000 ITSM
151
(Delivery)
(SLA)
/ SLA
, ,
(: 09:00 19:00), (: , ),
, ,
, ,
( ), , ,
(: )
-
- ITSM 152
(SMP)
,
, ,
, ,
,
-
ISO/IEC 20000 ITSM
153
(Control)
, ,
(: , )
, , , (: , )
-
- ITSM 154
(Control)
IT
. .
, , ,
( , , /,
)
, , (: , , )
(, , , , )
(: )
(: )
-
ISO/IEC 20000 ITSM
155
(Control)
, , .
( )
-
- ITSM 156
(Release)
,
-
ISO/IEC 20000 ITSM
157
(SAC)
(SAC: Service Acceptance Criteria)
.
(Target dates)
(Major functions)
(Appearance)
(Personnel level required to use/operate a deliverable)
(Performance levels)
(Capacity)
(Accuracy)
(Availability)
(Reliability)
(Development costs)
(Running costs)
(Security)
(Ease of use)
(Timings)
-
- ITSM 158
, (, , )
: , , , , , , ,
: , , , ,
: , IT ,
: ,
: , ,
-
ISO/IEC 20000 ITSM
159
(Delivery) IT
(, , )
( , )
-
- ITSM 160
(Resolution)
( , , )
(summary, description)
(type): , ,
, , (category, service, component)
, (team, service owner)
(source)
(priority): critical, high, medium, low
(status)
(activity log):
(resolution):
-
ISO/IEC 20000 ITSM
161
( )
-
162
KS X ISO/IEC 20000-1:2007
KS X ISO/IEC 20000-2:2007
IT Infrastructure Library Version 3, OGC, 2007
ISO 9000:2000
ISO 9001:2000
BS 25999-2:2007 ,
How to Deploy BS 25999, Avalution Consulting, Susan Yardis
Business Impact Analysis and Risk Assessment for Information Assets, Georgia Institute of
Technology, 2003
80 (What I learned before I sold to Warren
Buffett), C. , 2007 .
.
-
.
- (Ralph Waldo Emerson)
http://www.blueprint.or.kr