Browse > Article
http://dx.doi.org/10.9708/jksci.2012.17.4.173

A Quantitative Method for Quality Improvement of Information System Audit Evaluation  

Lee, Ki-Young (Dept. of Medical IT & Marketing, Eulji University)
Kim, Young-Ho (Korea IT Audit & Consulting Inc.)
Han, Ki-Joon (Division of Computer Science & Engineering, Konkuk University)
Abstract
As a result of the compulsory of information system audit and a rise in audit demand, the quality improvement of information system audit is being emphasized. However, since the current information system audit heavily depends on the auditor's experience, skill, and subjective judgments, it incurs distrust in the objectivity and reliability of audit results from audit interest person. Furthermore, so far research activities aimed at securing the objectivity and reliability of audits have not been adequately carried out. Therefore, this paper presents a quantitative method for information system audit evaluation in order to contribute to the quality improvement of overall information system audit through securing compliance, objectivity, and reliability of information system audit. The quantitative method is largely composed of two sectors, such as evaluation areas and items, scores calculation for evaluation items, and can generally apply the information system audit standard to information system audit evaluation.
Keywords
Information System Audit; Audit Evaluation; Quantitative Method; Quantitative Evaluation;
Citations & Related Records
연도 인용수 순위
  • Reference
1 National Information Society Agency, "A Study on the Effectiveness Analysis System for Information System Audit," 2001
2 Ministry of Public Administration and Security, "Electronic Government Act," No.10012, 2010.
3 Frank, V.L., and Soligen, R.V., "Adopting GQM-Based Measurement in an Industrial Environment," IEEE Software, pp.78-86, 1998.
4 National Information Society Agency, "A Performing Audit Guide for Information Business," 2011.
5 Korea IT Industry Promotion Agency, "A Study on Analysis of Relevance for Process Capability and SW Development Performance," 2004.
6 Goethert, W., and Fisher, M., "Deriving Enterprise-Based Measures Using the Balanced Scorecard and Goal-Driven Measurement Techniques," SEI Technical Note, 2003.
7 National Information Society Agency, "Information System Audit Inspection Guide V2.0," 2007.
8 Lee, B.M., Rim, J.G., Kwon, H.J., Kwon, M.S., and Kwon, Y.I., "The Establishment of IT Audit+ and Direction for Increasing its Market," Proceedings on Spring Conference, Korea Society of IT Services, pp.279-284, 2011.
9 Ministry of Information and Communication, "Information System Audit Standards," MIC Notice No.2006-42, 2006.
10 Ministry of Public Administration and Security, "Information System Audit Standards," MPAS Notice No.2010-85, 2010.
11 National Information Society Agency, "Information Business Audit Order Management Guide," 2011.
12 National Information Society Agency, "Final Report on Operating Status Survey of 2010 Information System Audit System," 2010.
13 Ministry of Information and Communication, "The Act on the Introduction and Operation for Efficiency of Information System," No.7816, 2005.
14 National Information Society Agency, "A Study on the Plan for Development of Information System Audit Framework," 2003.
15 National Information Society Agency, "A Study on the Ensuring Plan for Audit Trail and Evaluation Methods," 1999.
16 National Information Society Agency, "The Critical Success Factors and Action Plan for the Improvement of Information System Audit," 2000.
17 National Information Society Agency, "A Study on Measures for Improvement of Standards and Writing Guidelines for Review Opinion of Information System Audit," 2003.
18 Kim, D.S., and Kim, H.S., "Applying a Quantitative Model on Information System Security Audit Evaluation for Improving Audit Quality," Information Technology and Database Journal, No.11-2, pp.45-64, 2004.
19 National Information Society Agency, "A Study on Evaluating the Effectiveness of Information Systems Audit," 1998.
20 Whang, I.S., "Problems and Improvement Plan of Information System Audit Framework," Proceedings of Information System Audit Symposium, Korea Association of Information System Audit, pp.3-22, 2005,