References
- Afifi, M. A. (2020). "Assessing Information Security Vulnerabilities and Threats to Implementing Security Mechanism and Security Policy Audit." Journal of Computer Science, 16(3), 321-329. https://doi.org/10.3844/jcssp.2020.321.329
- Alavi, M. & Carlson, P.(1992). "A Review of MIS Research and Disciplinary Development." Journal of MIS, 8(4), 45-62.
- Almadhoob, A. & Valverde, R. (2014). "Cybercrime prevention in the Kingdom of Bahrain via IT security audit plans." Journal of Theoretical and Applied Information Technology, 65(1), 274-292.
- Alviana, S. (2020). "User Care Level Audit of Information Data Security at PT XYZ Using Guttman Scale." IOP Conference Series: Materials Science and Engineering, 879(1), 1-7. https://doi.org/10.1088/1757-899X/879/1/012050
- Arionadi, K., Dharma, S. A. & Partha, C. G. I. (2016). "IT security audit based on CISSP PMBOK framework." International Journal of Engineering and Emerging Technology, 1(1).
- Atymtayeva, L. & Kozhakhmet, K. (2015). "Development of expert system for information security audit." International Journal of Computer Research, 22(4), 399.
- Au, C. & Fung, W. (2019). "Integrating knowledge management into information security: From audit to practice." International Journal of Knowledge Management(IJKM), 15(1), 37-52.
- Azubike, J. (2011). "Computer information security audit: Procedures for policy design and implementation." Nigeria Journal of Education, Health and Technology Reserch(NJEHETR), 1(2), 164-168.
- Barankova, I. & Mikhailova, U. & Kalugina, O. (2019). Analysis of the Problems of Industrial Enterprises Information Security Audit. Paper presented at the International Russian Automation Conference, 976-985.
- Beldiman, C. (2021). "Risks' Identification and Assessment in a Public Entity Regarding the IT Security Audit." Annals of the University Dunarea de Jos of Galati: Fascicle: I, Economics & Applied Informatics, 27(1).
- Bendovschi, A. & Ionescu, B. (2015). "The Gap between Cloud Computing Technology and the Audit and Information Security." Audit Financiar, 13(125).
- Bhaskara, I. M. A., Suardani, L. G. P. & Wijaya, W. A. (2018). "Data and Information Security Audit Using IT Baseline Protection Manual at PT." XYZ. International Journal of Engineering and Emerging Technology, 2(2), 78-82.
- Billones, M. O. M. & Ona, S. E. (2011). Formulation of an Information Security Audit Process Model Applicable to Educational Institutions. Paper presented at the International Conference on Information Theory and Applications, I29.
- Candiwan, M. Y. D. & Priyadi, Y. (2016). "Analysis of Information Security Audit Using ISO 27001: 2013; ISO 27002; 2013 at IT Division-X Company, In Bandung, Indonesia." International Journal of Basic and Applied Science, 4(4), 77-88.
- Capuder, L. (2004). "ISO-17799-Standard for Information Security: A Welcome Boon for Security Management and Audit." EDPACS, 31(11), 1-10. https://doi.org/10.1201/1079/44239.31.11.20040501/81101.1
- Cefaratti, M. A., Lin, H. & Wallace, L. (2011). "The information security control environment: chief audit executives responding to a survey identify the most and least common controls their organizations deploy to protect IT resources." Internal Auditor, 68(2), 55-59.
- Chandra, I. (2008). "The five C's of IT policy: reviewing the effectiveness of information security policies is a key part of IT audit plans." Internal Auditor, 65(6), 23-25.
- Choi, J. & Nam, K. (2001) "A Study on an Audit Model for the Defense Information System security using BS7799." Journal of the Military Operations Research Society of Korea, 27(1), 89-100.
- Cohen, F. (1998). "Managing Network Security: How does a typical IT audit work?" Network Security, 1998(7), 8-11. https://doi.org/10.1016/S1353-4858(98)80006-8
- Dharmalingam, R. & Smalov, L. (2016). "Information Security Audit in Virtual Environment." The Research Bulletin of Jordan ACM, 2, 132-136.
- Dias, B. (2021). "Big data information security audit" Earth Sciences, 19, 51-53.
- Drastich, M. (2013). "Audit of information security management system." Global Journal on Technology, 3, 1051-1056.
- Gill, G. & Bhattacherjee, A., (2009). "Whom Are We Informing? Issues and Recommendations for MIS Research From an Informing Sciences Perspective." MIS Quarterly, 33(2), 217-235. https://doi.org/10.2307/20650290
- Goel, S., Pon, D. & Menzies, J. (2006). "Managing information security: Demystifying the audit process for security officers." Journal of Information System Security, 2(2), 25-45.
- Golyash, I. & Sachenko, S. & Rippa, S. (2011). Improving the information security audit of enterprise using XML technologies. Paper presented at the 6th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems, 2, 795-798.
- Grzyb, M. & Kowalik, D. (2020). "Information security management-audit of the IT system." Information management in the era of the Internet, 83-104.
- Gulzira, M., Gulmira, B., Altynbek, S. & Assel, O. (2020). The audit method of enterprise's Information security. Paper presented at the 6th International Conference on Engineering & MIS 2020, 1-5.
- Gupta, A. & Shakya, S. (2015). "Information System Audit: Cloud Computing Security and Challenges." International Journal of Computer Science and Mobile Computing (IJCSMC), 4(11), 48-56.
- Hamdan, M. N. M. (2017). "The Relationship between Network Security Policies and Audit Evidence Documentation: The Accounting Information Security Culture as a Mediator." International Journal of Business and Management, 12(12), 168-180. https://doi.org/10.5539/ijbm.v12n12p168
- Hatsu, S., Ujapka, M. B. & Mpimwood, E. D. (2015). "An examination of the extent of implementation of the information security system and IT audit system in Ghananian Banks [J]." Journal of Mass Spectrometry, 11(11), 375-382.
- Hermann, Y. K. J. & Tanguy, K. B. (2022). "Study on the Audit of IT Security in Health Structures: Case of Health Structures in Burkina Faso." American Journal of Science, Engineering and Technology, 7(2), 39-43.
- Hermanowski. D. (2015). Open source security information management system supporting IT security audit. Paper presented at 2015 IEEE 2nd international conference on cybernetics, 336-341.
- Hwang, I. & Kim, D. (2016) "The Effect of Organizational Information Security Environment on the Compliance Intention of Employee." Journal of information systems, 25(2), 51-77. https://doi.org/10.5859/KAIS.2016.25.2.51
- Ivanova, N., Korobulina, O. & Burak, P. (2010). "Methods of analysis for the information security audit." New Trends in Information Technologies. ITHEA, Sofia, 152-161.
- Jeon, K., Jang, J. & Noh, H. (2007) "Security Auditing Check List for Web Applications." Institute for Basic Science(IBS), 18, 153-166.
- Jeon, S., Lim, J., Lee, K. & Han, K. (2012) "A Study on Security Audit Checking Items for the RFIDBased Information System." Korea Society of IT Services, 11(4), 107-121. https://doi.org/10.9716/KITS.2012.11.4.107
- Jeon, S., Zeelim-Hovav, A. & Lee, H (2015). "Impact of Psychological Ownership, Job Position and Awareness of Audit on Information Security Policy Compliance Intention." The Journal of Internet Electronic Commerce Research, 15(6), 39-55.
- Jeon, Y., Cho, K. & Kim, W. (2006) "A Design and Implementation of Information Security Management and Audit System for Government Agencies." Journal of Internet Computing and Services (JICS), 7(5), 81-93.
- Jeong, K., Kim, K., Seo, K., Ryu, K. & Kang, C. (1997) "Implementation of Audit Trail Service System for EDI Security." The KIPS Transactionsty, 4(3), 754-766.
- Jeong, C. (2013) "Review of Privacy Policies of Personal Data Processors and Audit of Privacy Protection: Lessons from the EU, the UK and the US Experiences." Chosun law journal, 20(1), 3-29.
- Kanatov, M., Atymtayeva, L. & Yagaliyeva, B. (2014). Expert systems for information security management and audit. Implementation phase issues. Paper presented at the 2014 Joint 7th International Conference on Soft Computing and Intelligent Systems (SCIS) and 15th International Symposium on Advanced Intelligent Systems (ISIS), 896-900.
- Kim, D. & Kim, H. (2004). "Research on application of quantification model to security audit evaluation to improve information system audit quality." Journal of Information Technology Applications & Management, 11(2), 45-64.
- Kim, J. & Hwang, K. (2022). "Analysis of domestic research trends in the field of information system auditing." Public Audit and Inspection Review, 37, 95-121.
- Kim, M., Park, S. & Kwon, H. (2013). Research on IT audit process for information security. Paper presented at the Korean IT Service Society Conference Proceedings, 639-642.
- Kim, T. (2014). "A review of domestic information protection-related laws and systems." Boannews, 2022
- Kim, Y. & Nam, K. (1993). "Information system security and audit trail mechanisms." Journal of Communications and Information Security, 3(3), 67-79.
- Kim, Y. & Cho, S. (2012). "Analysis of social network service research trends in the media area." informatization policy, 19(4), 3-26.
- Kozlovs, D., Cjaputa, K. & Kirikova, M. (2016). "Towards Continuous Information Security Audit. REFSQ Workshops."
- Lakhno, V., Akhmetov, B., Chubaievskyi, V., Desiatko, A., Palaguta, K., Blozva, A. & Chasnovskyi, Y. (2021). "Information Security Audit Method Based on the Use of a Neuro-Fuzzy System." Proceedings of the Computational Methods in Systems and Software. 171-184.
- Li, Z. (2016). "Research on Information Security Audit Base on Semantic Web Ontology and Improve Vector Space Model." International Journal of Security and Its Applications, 10(12), 141-152. https://doi.org/10.14257/ijsia.2016.10.12.12
- Lee, C. (2008) "A Study on industrial control system information security Auditing framework." Journal of The Korea Institute of Information Security and Cryptology (JKIISC), 18(1), 139-148.
- Lee, C., Hong, S., Kang, S. & Kim, J. (2009). "The Study on the Information Security Audit Guideline for SCADA System." Informational International Interdisciplinary Journal, 12, 147-162.
- Lee, D. & Park, J. (2010) "A Study on the Information System Security Audit Method for Personal Information Protection." Journal of Korea Safety Management & Science, 12(4), 107-116.
- Lee, E., Park, B., Jang, S. & Lee, S. (2018) "Study on IT security audit system for e-commerce private information protection." The Korea Society of Computer and Information, 26(1), 179-182.
- Lee, H. & Myung, S. (2013) "Analysis of Research Trends in domestic informatization and e-government since 2000." Informatization Policy, 20(4), 3-22.
- Lee, J., Shin, S., Kim, H. & Hwang, K. (2012) "A Study on Research Framework and Research Trends in IT Service Management (ITSM) Area." Informatization Policy, 19(1), 3-24.
- Lee, J., Kim, D. & Kim H. (2010) "A Design on the Information Security Auditing Framework of the Information System Audit." Journal of the Korea Society of Digital Industry and Information Management, 6(2), 233-245.
- Lee, N., Lee, J. & Hwang, K. (2014) "Research framework and research trends in the field of health care information technolgy." informatization policy, 21(3), 3-32. https://doi.org/10.22693/NIAIP.2014.21.3.003
- Lee, S. & Park, D. (2015) "A Study on Maturity Model for Improving Security Check in Information System Audit." Journal of Security Engineering, 12(2), 151-168. https://doi.org/10.14257/jse.2015.04.05
- Lim, J., Kim, D. & Han, K. (2008) "Securiry Audit Checking Items for the RFID-Based Information Systems." Korea Society of IT Services, 419-422.
- Lin, R. & Huang, Y. (2020). Enterprise Internal Audit Data Network Security System in the Information Age. Paper presented at the International Conference on Cyber Security Intelligence and Analytics, 98-103.
- Livshitz, I. I., Nikiforova, K. A., Lontsikh, P. A. & Karasev, S. N. (2016). The new aspects for the instantaneous information security audit. Paper presented at the 2016 IEEE Conference on Quality Management, Transport and Information Security, Information Technologies (IT&MQ&IS), 125-127.
- Lo, E. C. & Marchand, M. (2004). Security audit: a case study information systems. Paper presented at the Canadian Conference on Electrical and Computer Engineering 2004 (IEEE Cat. No. 04CH37513), 1, 193-196.
- Lontsikh, P. A., Safonova, O. M., Koksharov, A. V., Lontsikh, N. P. & Golovina, E. Y. (2021). Remote Audit Improvement Methods in the System-oriented Information and Security Analysis. Paper presented at the 2021 International Conference on Quality Management, Transport and Information Security, Information Technologies (IT&QM&IS), 178-182.
- Lu, H., Cui, X., Wang, L., Jiang, Y. & Cui, M. (2018). The Research on Security Audit for Information System Classified Protection. Paper presented at the International Conference on Cloud Computing and Security, 300-308.
- Markina, I. & Diachkov, D. (2019). "Information security audit specificity." Moderni veda, 1, 13-20.
- Min, H. & Lee, H. (2016). The need to redefine the concept of information security auditing. Paper presented at the Korea Society of IT Services Conference Proceedings, 293-294.
- Muneeb-ul-Hasan, S. H. O. & Arshad, M. M. (2019). "A Conceptual Framework of Information Security Database Audit and Assessment." International Journal of Innovative Computing, 9(1), 7-13.
- Nastase, F. & Nastase, P. (2007). "Information Security Audit in e-business applications." Informatica Economica, 11(1), 79-87.
- NIA (2022). National informatization white paper.
- NCSC (2022). National Cyber Security Center Guideline 2022.
- Office of Government Commerce(OGC). (2007). ITIL V3. Service Design.
- Othman, N. A. A., Norman, A. A. & Kiah, M. L. M. (2021). "Information System Audit for Mobile Device Security Assessment." 2021 3rd International Cyber Resilience Conference(CRC), 1-6.
- Palvia, P., Chau, P., Kakhki, M.D., Ghoshal, T., Uppala, V. & Wang, W. (2017). "A Decade Plus Long Introspection Of Research Published In Information & Management." Information & Management, 54(2), 218-227.
- Pathak, J. (2006). "Internal audit and corporate governance: A program for information security review audit." The EDP Audit, Control, and Security Newsletter, 31, 1-13.
- Pereira, T. & Santos, H. (2010). "An audit framework to support information system security management." International Journal of Electronic Security and Digital Forensics, 3(3), 265-277. https://doi.org/10.1504/IJESDF.2010.038288
- Pereira, T. & Santos, H. (2011). "Description of a Practical Application of an Information Security Audit Framework." Paper presented at the European Conference on Cyber Warfare and Security, 315.
- Popa, M. (2010). "Requirements for Development of an Assessment System for IT&C Security Audit." Journal of Mobile, Embedded and Distributed Systems, 2(2), 56-64.
- Popa, M. & Doinea, M. (2007). "Audit Characteristics for Information System Security." Informatica Economica, 11(4), 103-106.
- Popescu, G., Popescu, V. A. & Popescu, C. R. (2007). "Information systems security audit." Manager Journal, 6(1), 81-88.
- Popescu, G., Popescu, V. A. & Popescu, C. R. (2008). "Conducting an information security audit." Manager Journal, 7(1), 76-82.
- Quanxiu, H. & Guangying, C. (2011). "Research of security audit of enterprise group accounting information system under internet environment." Paper presented at the 2011 2nd International Conference on Artificial Intelligence, Management Science and Electronic Commerce (AIMSEC), 516-519.
- Radu, R. I. & Isai, V. (2014). "Determination of the Effectiveness of Information Security and Audit Accounting IT Informational Program." Annals of the University Dunarea de Jos of Galati: Fascicle: I, Economics & Applied Informatics, 20(2), 93-98.
- Raggad, B. G. & Collar, E. J. (2006). "The Simple Information Security Audit Process: SISAP." International Journal of Computer Science and Network Security, 6(6), 189-198.
- von Roessing, R. (2005). Improving the IT Security Audit Framework: Standards, Common Ground, and Strategic Alignment. Proceedings of Security and Protection of Information 2005, 25-32.
- Roratto, R. & Dias, E. D. (2014). "Security information in production and operations: a study on audit trails in database systems." JISTEM-Journal of Information Systems and Technology Management, 11, 717-734.
- Rudowski, M. & Tarnowska, K. (2016). "Decision support system for information systems security audit (WABSI) as a component of IT infrastructure management." Information Systems in Management, 5(3), 389-400.
- Rytov, M. Y., Leksikov, E. V., Sakalo, V. I. & Kovalev, P. A. (2017). "The Use of Fuzzy Cognitive Modelling to Manage Information Security Audit of Information Portals of Regional Executive Authorities." Journal of Physics: Conference Series, 803, 1-5.
- Ryu, K., Kim, K., Yoon, S. & Lee, Y. (1997) "Design of intrusion detection and audit tracking system using information security computer network events." Information Processing Society Journal, 4(9), 2342-2353.
- Salihu, A. & Berisha-Hoti, X. (2019). "The Effect of IT Audit on Security Incidents." International Journal of Scientific & Technology Research, 8(8), 1342-1347.
- Satoh, N. & Komoda, N. (2005). A labor time estimation model for the information security audit by quantitative analysis I and regression analysis. Paper presented at the 4th WSEAS International Conference on E-Activities, 136-141.
- Satoh, N. & Samejima, M. (2019). "Risk words suggestion for information security audit by Bayesian inference." Electronics and Communications in Japan, 102(1), 42-48.
- Schryen, G., Benlian, A., Rowe, F., Gregor, S., Larsen, K., Petter, S. & Yasasin, E. (2017). "Literature reviews in IS research: What can be learnt from the past and other fields?" Communications of the Association for Information Systems, 41(30), 759-774. https://doi.org/10.17705/1CAIS.04130
- Shakya, S. & Gupta, A. (2017). "Concerns on Information System and Security Audit". Journal of Advanced College of Engineering and Management, 3, 127-135.
- Schultz, V., Kulba, V. & Shelkov, A. (2014). "Information security audit of automated control systems." Trends and management, 4, 319-334.
- Singleton, T. W. & Singleton, A. J. (2008). "The potential for a synergistic relationship between information security and a financial audit." Information Security Journal: A Global Perspective, 17(2), 80-86. https://doi.org/10.1080/19393550801983783
- Smith, G. (2007). "Greatest IT audit and security risks of 2006." Journal of Corporate Accounting & Finance, 18(4), 43-48. https://doi.org/10.1002/jcaf.20307
- Stafford, T., Deitz, G. & Li, Y. (2018). "The role of internal audit and user training in information security policy compliance." Managerial Auditing Journal, 33(4), 410-424.
- Stafford, T., Gal, G., Poston, R., Crossler, R. E., Jiang, R. & Lyons, R. (2018). "The role of accounting and professional associations in it security auditing: An AMCIS panel report." Communications of the Association for Information Systems, 43(1), 482-493.
- Steinbart, P. J., Raschke, R. L., Gal, G. & Dilla, W. N. (2013). "Information security professionals' perceptions about the relationship between the information security and internal audit functions." Journal of Information Systems, 27(2), 65-86. https://doi.org/10.2308/isys-50510
- Steinbart, P. J., Raschke, R. L., Gal, G. & Dilla, W. N. (2018). "The influence of a good relationship between the internal audit and information security functions on information security outcomes." Accounting, Organizations and Society, 71, 15-29. https://doi.org/10.1016/j.aos.2018.04.005
- Suduc, A. M., Bizoi, M. & Filip, F. G. (2010). "Audit for information systems security." Informatica Economica, 14(1), 43.
- Surcel, T. & Amancei, C. (2007). "The Information Security Management System, Development and Audit." Informatica Economica, 11(4), 111-114.
- Surcel, T. & Amancei, C. (2011). "A Progressive Improvement of the Integrated System for Academic Management through Information Security Management System Audit and Metrics." Academy of Economic Studies. Economy Informatics, 11(1), 132-141.
- Tanriverdi, H., Bertsch, J., Harrison, J., Hsiao, P. L., Mesuria, K. S. & Hendrawirawan, D. (2006). "AlphaCo: A Teaching Case on Information Technology Audit and Security." Journal of Digital Forensics, Security and Law, 1(1), 45-68.
- Tofan, D. C. (2011). "The Security Audit Within Information Systems." Paper presented at the 6th International Conference on Knowledge Management: Projects, Systems and Technologies, 18.
- Vieira, T. & Serrao, C. (2016). "Web applications security and vulnerability analysis financial web applications security audit a case study." International Journal of Innovative Business Strategies (IJIBS), 2(2), 86-94.
- Voevodin, V. A., Markina, M. S. & Markin, P. V. (2020). "Determination of the weight of audit evidence by the method of point ratings in the information security audit." Computational Nanotechnology, 1, 57-62. https://doi.org/10.33693/2313-223X-2020-7-1-57-62
- Warigon, S. (1999). "Information Security and Audit Implications of Electronic Money." EDPACS, 26(7), 12-15. https://doi.org/10.1201/1079/43244.26.7.19990101/30237.3
- Wen, C. C. K., Othman, S. H. & Sirat, M. M. (2018). "Development of Metamodel on Information Security Risk Audit and Assessment for IT Assets in Commercial Bank." International Journal of Innovative Computing, 8(2), 23-32.
- Westland, J. (2021). "Assessing Privacy and Security of Information Systems from Audit Data." Information Systems Frontiers, 1-18.
- Yen, J., Lim, J., Wang, T. & Hsu, C. (2018). "The impact of audit firms' characteristics on audit fees following information security breaches." Journal of Accounting and Public Policy, 37(6), 489-507. https://doi.org/10.1016/j.jaccpubpol.2018.10.002
- Yoon, S., Jang, E. & Kwon, H. (2003) A study on security audit process model of web-based system. Paper presented at the Korea Society of IT Services Conference Proceedings, 407-412.
- Yu, G. & Gao, P. (2013). Risk-Based Information Security Audit Applied Research in the Power Industry. Paper presented at the 2013 International Conference on Control Engineering and Communication Technology. 176-179.
- Yu, W., Han, K., Kim, D. & Kim, H. (2014) "Audit model for information protection in hospital information systems." Digital convergence, 12(7), 133-145.
- Zhou, X. (2020). Improvement of information System Audit to Deal With Network Information Security. Paper presented at the 2020 International Conference on Communications, Information System and Computer Engineering (CISCE). 93-96.
- Zorkadis, V. & Siougle, E. (2001). Information Security and Privacy Audit Modeling. Paper presented at the 5th world multiconference on Circuits, Systems, Communications and Computers.