Ȩ > Ç¥ÁØÈ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ
Ç¥ÁعøÈ£ | TTAE.IT-X.1150 | ±¸Ç¥ÁعøÈ£ | |
---|---|---|---|
Á¦°³Á¤ÀÏ | 2024-12-06 | ÃÑÆäÀÌÁö | 100 |
ÇѱÛÇ¥Áظí | µðÁöÅÐ ±ÝÀ¶ ¼ºñ½º¸¦ À§ÇÑ º¸¾È º¸Áõ ÇÁ·¹ÀÓ¿öÅ© | ||
¿µ¹®Ç¥Áظí | Security Assurance Framework for Digital Financial Services | ||
Çѱ۳»¿ë¿ä¾à | ÀÌ Ç¥ÁØÀº µðÁöÅÐ ±ÝÀ¶ ¼ºñ½º¿¡¼ ¹ß»ýÇÏ´Â À§Çù°ú Ãë¾à¼ºÀ» ½Äº° ¹× Æò°¡Çϱâ À§ÇÑ À§Çè °ü¸® ÇÁ·Î¼¼½º¿Í º¸¾È ÅëÁ¦¸¦ ½Äº°ÇÏ°í µðÁöÅÐ ±ÝÀ¶¼ºñ½º¿¡ ´ëÇÑ º¸¾È º¸Áõ ÇÁ·¹ÀÓ¿öÅ©¸¦ Á¦°øÇÑ´Ù.
µðÁöÅÐ ±ÝÀ¶ ¼ºñ½º´Â ÀºÇà, µðÁöÅÐ ±ÝÀ¶¼ºñ½º Á¦°øÀÚ, À̵¿Åë½Å»ç, Ç÷§Æû Á¦°øÀÚ, ±ÔÁ¦ ±â°ü µî ´Ù¾çÇÑ ÀÌÇØ°ü°èÀÚµéÀÌ Âü¿©ÇÏ´Â º¹ÀâÇÑ »ýÅ°è·Î ±¸¼ºµÇ¾î ÀÖÀ¸¸ç, ¿©·¯ ´ç»çÀÚ°£ÀÇ »óÈ£ ¿¬°á¼º°ú ÀÇÁ¸¼ºÀ¸·Î ÀÎÇØ º¸¾ÈÀÇ °æ°è°¡ °í°´, ³×Æ®¿öÅ© Á¦°øÀÚ, Á¦ 3ÀÚ Á¦°øÀÚ¿¡°Ô±îÁö È®ÀåµÈ´Ù. ÀÌ Ç¥ÁØÀº ÀÌ·¯ÇÑ µðÁöÅÐ ±ÝÀ¶ ¼ºñ½º »ýÅ°èÀÇ ÀÌÇØ°ü°èÀÚµéÀÌ Á÷¸éÇÏ´Â º¸¾È À§Çù°ú Ãë¾àÁ¡À» ½Äº°ÇÏ°í, À̸¦ Æò°¡Çϱâ À§ÇÑ º¸¾È À§Çè °ü¸® ÇÁ·Î¼¼½º¸¦ Á¦°øÇÑ´Ù. ¶ÇÇÑ µðÁöÅÐ ±ÝÀ¶ ¼ºñ½º Á¦°ø ¾÷ü¿Í ¸ð¹ÙÀÏ ³×Æ®¿öÅ© ¿î¿µÀÚ°¡ ±¸ÇöÇØ¾ß ÇÏ´Â º¸¾È ÅëÁ¦¿Í »ç¿ëÀÚ, ¸ð¹ÙÀÏ ÀåÄ¡, ¸ð¹ÙÀÏ ³×Æ®¿öÅ© ¿î¿µÀÚ ¹× µðÁöÅÐ ±ÝÀ¶ ¼ºñ½º Á¦°øÀÚ¸¦ º¸È£Çϱâ À§ÇÑ ÅëÁ¦¸¦ Æ÷ÇÔÇÑ µðÁöÅÐ ±ÝÀ¶ ¼ºñ½º¿¡ ´ëÇÑ º¸¾È º¸Áõ ÇÁ·¹ÀÓ¿öÅ©¸¦ Á¦°øÇÑ´Ù. |
||
¿µ¹®³»¿ë¿ä¾à | This standard identifies risk management processes and security controls for identifying and assessing threats and vulnerabilities arising in digital financial services and provides a security assurance framework for digital financial services.
Digital financial services comprise a complex ecosystem involving a variety of stakeholders, including banks, digital financial services providers, mobile operators, platform providers, and regulators, and the interconnectedness and dependencies among these parties extend the boundaries of security to customers, network providers, and third-party providers. This standard provides a security risk management process for identifying and assessing the security threats and vulnerabilities faced by stakeholders in these digital financial services ecosystems. It also provides a security assurance framework for digital financial services, including security controls that digital financial services providers and mobile network operators should implement, and controls to protect users, mobile devices, mobile network operators, and digital financial services providers. |
||
±¹Á¦Ç¥ÁØ | |||
°ü·ÃÆÄÀÏ | TTAE.IT-X.1150_[1].pdf |