Browse > Article
http://dx.doi.org/10.9716/KITS.2013.12.4.219

IS Audit Framework Development through e-Gov's RFID/USN Project in South Korea  

Kim, Sojung (국립 싱가포르 대학교 경영대학)
Koo, Chulmo (경희대학교 호텔관광대학)
Koh, Chang E. (북 텍사스 주립대학교 경영대학)
Publication Information
Journal of Information Technology Services / v.12, no.4, 2013 , pp. 219-234 More about this Journal
Abstract
We introduced a framework of information systems audit methodology and applied to IS projects based on RFID/USN in six public organizations in South Korea. An analysis of five IS implementation projects shows the iterative technical specific risks are disclosed. The key 14 risk factors categorized into 4 classifications (Project Management, application, database, system architecture) which are based on the established IT audit framework in order to extend to the technology (RFID/USN) specific framework and apply to the other case as well. The implications of these findings for audit research and practice are discussed.
Keywords
Information Systems Audit; e-Government; South Korea; National Information Society Agency(NIA);
Citations & Related Records
연도 인용수 순위
  • Reference
1 Anon, "Research on Korean IT market", available at http://www.krgweb.com/, (accessed 2010).
2 Bacon, C. J., "The Use of Decision Criteria in Selecting Information Systems/Technology Investments", MIS Quarterly, (1992), pp.335-353.
3 Benbast, I., Godstein. D. K, Mead, M., "The case research strategy in studies of information systems", MIS Quarterly, Vol.11, No.1(1987) pp.365-386.
4 Bedard, J. et al., "Information Systems Risk and Audit Planning", International Journal of Auditing, Vol.9, No.2(2005), pp.147-163.   DOI
5 Blackburn et al., C. C. Blackburn, C. L. Augustine, R. Li, R. P. Harvey, M.A. Malin, R. L. Boyd, J. F. Miller, and G. Morahan, "The nu gene acts cell-autonomously and is required for differentiation of thymic epithelial progenitors", 1996.
6 Cho, I., "Information Systems Audit Legislation Passed in Korea. Information Systems Control Journal Online", (2008), pp.1-6.
7 Debreceny, R. S. and G. L. Gray, "IT Governance and Process Maturity:A Multinational Field Study", Journal of Information Systems, Vol.27, No.1(2013), pp.157-188, doi : 10.2308/isys-50418.   DOI
8 Ellis, D., R. Barker, S. Potter, and C. Pridgeon, "Information audits, communication audits and information mapping", International Journal of Information Management Vol.13(1993), pp.134-151.   DOI   ScienceOn
9 Faraj and Sproull, "Coordination expertise in software development team", Management Science, Vol.46, No.12(2000), pp.1554- 1568.   DOI   ScienceOn
10 Gilhooley, I. A., "Auditing Computerized Systems", EDPACS : The EDP Audit, Control and Security Newsletter, Vol.9 No.8(1982), pp.1-8.
11 Grabski, S., J. H. Reveau, and S.A. West, "Comparison of Judgment, Skills, and Prompting Effects between Auditors and Systems Analysts", MIS Quarterly, Vol.11, No.2 (1987), pp.151-161.   DOI   ScienceOn
12 Kim, C., "Research on actual status of IS Audit in the public sector, NIA, National Information society Agency", 2000.
13 Kim, C., "The IS Auditor Basic Education and Professional Education Textbook", NIA, National Information Society Agency, 2007.
14 Lainhart, J. W., "Cobit:A Methodology for Managing and Controlling Information and Information Technology Risks and Vulnerabilities", Journal of Information Systems, Vol.14(2000), pp.21-25.   DOI
15 Lee, C., "The Study on the effects of IT audit in the national administration network project", NIA, National Computerization Agency, 1992.
16 Nidumolu, S. R., "A Comparison of the Structural Contingency and Risk-Based Perspectives on Coordination in Software-Development Projects", Journal of Management Information Systems, Vol.13, No.2 (1996), pp. 77-113.   DOI
17 Park, S., "The Study of the measure of IT audit efficacy", NIA, National Computerization Agency, 1998.
18 Rittenberg, L. and P. Charles, "The Internal Auditor's Role in MIS Developments", MIS Quarterly, Vol.2, No.4(1978), pp.47-57.   DOI   ScienceOn
19 Ridley, G., J. Young and P. Carroll, "COBIT and its Utilization : A Framework from the Literature, Proceedings of the 37th Hawaii International Conference on System Sciences", 2004.
20 Rittenberg and G. B. Davis, "The Roles of Internal and External Auditors in Auditing EDP Systems", Journal of Accountancy, (1977), pp.51-58.
21 Seo, S., "The ISA PR Material", NIA, National Computerization Agency, 2001.
22 Seo, S., "A study on the Effectiveness of Information Systems Audit", NIA, National Computerization Agency, 2002.
23 Sun, L., R. P. Srivastava, and T. J. Mock, "An Information Systems Security Risk Assessment Model under the Dempster-Shafer Theory of Belief Functions", Journal of Management Information Systems, Vol.22, No.4 (2006), pp.109-142.   DOI   ScienceOn
24 Weber, R., "Information systems control and audit", New York : Prentice Hall, 1998
25 Weiss, I. R., "Auditability of Software : A Survey of Techniques and Costs", MIS Quarterly, (1980), pp.39-50.
26 Yin, R. K., "Case Study Research : Design and Methods. 2nd Edition", CA: Sage Publication, 1994.
27 Harter, D., M. Krishnan, and S. Slaughter, "Effects of process maturity on quality, cycle- time, and effort in software product development", Management Science, Vol.46, No.4(2000), pp.451-466.   DOI   ScienceOn
28 Nidumolu, S., "The Effect of Coordination and Uncertainty on Software Project Performance: Residual Performance Risk as an Intervening Variable", Information Systems Research, Vol.6, No.3(1995), pp.191- 219.   DOI   ScienceOn
29 Wu, R. C., "The information systems auditor's review of the systems development process and its impact on software maintenance efforts", Journal of Information Systems Spring, (1992), pp.1-13.
30 Seo, S., "A Study on the Enhancement of the IS Audit Framework", NIA, National Computerization Agency, 2003.