DOI QR코드

DOI QR Code

Information System Audit Improvement Plan in Requirements Engineering-based Quality Assurance and Project Management

요구공학 기반 품질보증 및 프로젝트 관리에서의 정보시스템 감리 개선 방안

  • 신정철 ((주)에프아이솔루션) ;
  • 김동수 (건국대학교 정보통신대학원) ;
  • 김희완 (삼육대학교 컴퓨터공학부)
  • Received : 2021.01.25
  • Accepted : 2021.03.18
  • Published : 2021.03.31

Abstract

Requirements engineering can be seen as proceeding with various processes and activities such as extraction, analysis, specification, management, and verification without temporal and spatial constraints in the development environment of information systems that are becoming large and decentralized. Developing requirements well and conducting continuous evaluation and management is the shortcut to success in project management, and it is recognized as a very important matter in relation to requirements in the information system audit. When we conduct information system audit and conducting projects subject to audit, we need to improve the required engineering aspect. Therefore, this study derives inspection items suitable for the target project by referring to the audit inspection manual and audit inspection guide when conducting the current audit, and relates to the required engineering aspect among the contents of the inspection guide for each business type that is the basis for deriving the inspection items were derived for each audit point/audit area for the project management and quality assurance project type corresponding to the inspection items. The suitability of the extracted occupation items was verified through a questionnaire survey by experts.

요구공학은 대형화 및 분산화 되고 있는 정보시스템의 개발환경 속에서 시간적·공간적 제약 없이 정확하고 명확한 요구사항을 추출, 분석, 명세, 관리, 실증검증 등의 다양한 프로세스와 활동들로 진행한다고 볼 수 있다. 따라서, 프로젝트의 성공을 위해 이해관계자들 간의 협력과 체계적인 요구공학이 무엇보다 중요하다. 요구사항을 잘 개발하고 지속적인 평가 및 관리를 하는 것이 프로젝트관리에 있어서 성공하는 지름길이라 할 수 있으며, 정보시스템 감리 수행에서도 요구사항과 관련하여 매우 중요한 사항으로 인식되고 있다. 정보시스템 감리 수행과 감리 대상이 되는 사업 수행시 요구공학 측면의 개선이 필요하다. 이에 본 연구는 현행 감리 수행시 감리점검해설서와 감리점검가이드를 참조하여 대상 사업에 적합한 점검항목을 도출하고 감리 점검사항인 점검항목의 도출 근거가 되는 사업유형별 점검가이드 내용 중 요구공학적 측면에서 관련 점검항목들에 해당하는 프로젝트관리 및 품질보증 사업유형에 대한 감리시점/감리영역별로 점검항목들을 도출하였다. 도출된 점거항목에 대해 전문가의 설문 조사를 통해 적합성을 검증하였다.

Keywords

Acknowledgement

This paper was supported by the Fund of the Sahmyook University in 2020.

References

  1. Byun, J. W., Kim, J. H., Rhee, S. Y., and Hwang, M. S.(2010), "A Technique for Classifying Requirement/Stakeholder and Generating Information for Negotiation Using Kano Model and Statistical Method," Journal of the Information Science Society: Software and Applications, Vol.37, No.3, pp. 161-169
  2. Byun, J. W., Hwang, M. S., and Rhew, S. Y.(2012), "Metrics for Representing Consistency between Requirements and Objectives/Constraints," Journal of the Information Science Society: Software and Applications, Vol. 39, No. 4, pp. 269-279
  3. Cho, H. K., Lee, J. H.(2013), "A Study of Design Process for Sensor-based Smart clothing based on requirement engineering," Emotional Science, Vol.16, No.3, pp. 397-408
  4. Choi, S. K., Choi, E. H.(2013), "Requirements Engineering & Management by the Object Oriented Methodology in the Weapon system," Jouranl of Information and Security, Vol.13, No.3, pp. 55-62
  5. G. Kotonya, L. Sommerville(2000), 「Requirements Engineering: Processes and Techniques」, John Willey and Sons.
  6. Joo, Y. K., Kim, D. S., Rhee, H. K., and Kim, H. W.(2014), "Effects of the Information System Operation Audit on the Quality of Information System," Journal of the Korean Society of Knowledge and Information Technology, Vol.9, No.6, pp. 781-795
  7. K. Wiegers(2003), 「SoftwareRequirement,2nded」, MicrosoftPress.
  8. Kim, H. W., Lee, H. M., and Kim, D. S.(2011), "Design on Fixed Quantity Analytical Model for Information System Audit," Journal of the Korea Contents Association, Vol. 11, No.2, pp. 88-100
  9. Kim, H. K.(2013), "A Study on the Security Audit Model of Financial Institutions using ISMS and PIMS," Graduate School of Information and Communication, Konkuk University, Master's Thesis
  10. Lee, H. O.(2002), A Study on Compulsory Information System Audit Plan, National Information Society Agency.
  11. Lee, J. Y., Kim, D. S., and Kim, H. W.(2010), "Design of Information Protection Audit Model in Information System Audit," Journal of Digital Industry Information Society, Vol.6, No.2, pp. 233-245
  12. Lee, S. W., Choi, M. B.(2014), "An Establishment of the Process System for Software Requirements Engineering," Journal of the Korean Society for Internet, Broadcasting and Communication, Vol.14, No.1, pp. 37-49 https://doi.org/10.7236/JIIBC.2014.14.1.37
  13. Ministry of Public Administration and Security(2012), E-government law, National Law Information Center
  14. Moon, M. K., Yeom, K. H.(2004), "An Approach to Managing Requirements as a Core Asset in Software Product - Line," Journal of the Information Science Society: Software and Applications, Vol. 31, No. 8, pp. 1010-1026
  15. National Information Society Agency(2009a), Information Systems Audit Check Guide, National Information Society Agency.
  16. National Information Society Agency(2009b), Information System Audit Manual, National Information Society Agency
  17. National Information Society Agency(2013), Information System Audit Implementation Guide_V2.1, National Information Society Agency.
  18. R. S. Pressman, 「Software Engineering A Practitioner's Approach,7thed」, McGraw-Hill, 2009.
  19. S. Robertson(2006), Mastering the Requirements Process, 2nded, AddisonWesley.
  20. Song, S. K., Park, S. Y., and Lee, J. H.(2012). "Thesaurus-Based Non-Functional Requirements Elicitation Technique for Agile Methodology," Journal of the Information Science Society: Software and Applications, Vol. 39, No. 8, pp. 655-663
  21. Soren Lauesen(2006), Software Requirements: Styles & Techniques, AddisonWesley.
  22. The Standish Group, "CHAOS Summary 2009", The Standish Group, 2009.