• Journal of Internet Computing and Services
• /
• v.7 no.5
• /
• pp.81-93
• /
• 2006

Recently, information technology is considered as a basement of management for industries as well as administrations. Especially, government agencies deal with more high sensitive and Important data than other businesses, so, their security managements should be fair and efficient. At present, most government agencies possess and operate their own information security systems, but apply them for the sake of formality only, even do not adapt an audit system for management polices. This paper presents a design and implementation of an automated audit system which is suitable for the operation environment in government agencies, using the audit system based on the BS7799. The. proposed system aims to objectively, numerically and daily control the ISMS (Information Security Management System) for different level of government agencies. In addition, it permits to design and implement an adaptive audit tool, in order to meet a given condition of audit organization and guard the personal relationship between the auditor and its counterpart.

• KSCI Review
• /
• v.11 no.1
• /
• pp.9-17
• /
• 2003

Along with trends of other countries, the Ministry of Information and Communication in Korea decided to operate an Information System Audit Institution for raising qualify of computer network facilitated in state organ and public institution, and to construct effective construction of information system. The aim of the audit institution is applying it to public information business, establishing an information system audit qualification system, and upbringing Private audit organs. The Ministry of Information and Communication realized that although the demand of information system area audit is explosively expanding, the National Computerization Agency cannot satisfies the demand and realize to have audit control for the information of national business as well. The Ministry of Information and Communication plan to enforce the audit on public information business by correlate with information business. The ministry enforce that the supervisory company has major roll to audit and national import business decided by the Information Promotion Committee is subject to have audit control. Therefore, in this paper, the contents of internal audit among internal/external audit will be presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.1
• /
• pp.75-82
• /
• 2015

Recently, many public auditing schemes have been proposed to support public auditability that enables a third party auditor to verify the integrity of data stored in the remote cloud server. To improve the performance of the auditor, several public auditing schemes support batch auditing which allows the auditor to handle simultaneously multiple auditing delegations from different users. However, when even one data is corrupted, the batch auditing will fail and individual and repeated auditing processes will be required. It is difficult to identify the corrupted data from the proof in which distinct data blocks and authenticators of distinct users are intricately aggregated. In this paper, we extend a public auditing scheme of Wang et al. to support batch auditing for multi-cloud and multi-user. We propose an identification scheme of the corrupted cloud when the data of a single cloud is corrupted in the batch auditing of multi-cloud and multi-user.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.11a
• /
• pp.501-504
• /
• 2007

2002 년 미국의 회계부정 문제에 기인해 감사조서의 작성 및 수정, 보관에 관한 규정이 강화되었다. 따라서, 회계감사의 일부로 수행되는 전산감사도 이 규정에 따라 전산 감사조서의 작성이 강화되었다. 최근 정부는 공공기관에서 발주하는 일정규모 이상의 정보화 프로젝트에 대한 감리를 의무화하였으며, 공공부분의 정보시스템 감리는 점차 확대되어 감리시장이 성숙단계에 이르는 것으로 평가되고 있다. 본 연구에서는 정보시스템 감리수행 결과를 평가하기 위한 감리조서의 구성방안을 제안한다. 기존 감리보고서의 불분명한 감리전략과 감리 결과를 지지하는 증거가 불충분한 문제점을 보완하여 감리전략에 기반한 감리조서의 구성을 제안한다. 이는 기존의 감리절차 진행과정에 감리조서 작성을 추가/보완함으로써 기존의 감리절차를 유지하면서도 감리보고서의 신뢰성을 증진한다.

• Communications for Statistical Applications and Methods
• /
• v.17 no.5
• /
• pp.745-753
• /
• 2010

Compared to the U.S. Government Accountability Office(GAO) and the U.K. National Audit Office(NAO), the Board of Audit and Inspection of Korea(BAI) has not laid a rather solid system for effective assessment and judgment on the reliability of computer-processed data used as audit evidence in its public auditing activities. Accordingly, based on the experiences of GAO and NAO, this study suggests criteria and methods as the key elements of the methodological framework for assessing the reliability of information system data. Then, the usefulness and effectiveness of the criteria and techniques for assessing data reliability were tested and proved by applying to the analysis of allotment for mandatory disabled employment data that have been computer-processed and managed by the Korea Employment Agency for the Disabled(KEAD).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.32 no.1
• /
• pp.109-122
• /
• 2022

The purpose of information security activities is to reduce large-scale material and human accidents that are concerned about hacking damage to important systems, such as control systems, through periodic preventive activities in addition to finding the cause and taking follow-up measures after damage caused by hacking. For this reason, although each institution is using a security work audit model in accordance with the relevant regulations, it is not easy to conduct company-wide inspection activities due to the constraints of manpower and time. Therefore, in this paper, we will analyze the major vulnerabilities of public institutions over the past 10 years and present a security audit model that can perform efficient security activities compared to the models for domestic and foreign security audits.

• 월간 기계설비
• /
• s.63
• /
• pp.29-50
• /
• 1995

감사원장 자문기구인 부정방지대책위원회(위원장 서영훈)는 $\ulcorner$공사질서, 어떻게 확립할 것인가?$\lrcorner$ 라는 주제로 우리 사회가 하루빨리 청산해야할 부실공사의 추방대책을 모색하는 공개토론회를 지난 9월 6일 한국 프레스센터 국제회의장에서 이시윤 감사원장을 비롯한 관련기관 및 관련업계 종사자들이 참석한 가운데 개최했다. 특히 이번 공개토론회는 우리의 안전을 위협하고 나아가서는 국가 경쟁력을 잃게 하는 부실공사의 원인을 심층진단하고 그 방지대책으로 불합리한 제도의 개선과 아울러 시민들의 감사활동을 통한 공사질서확립 방안에 대한 슬기와 지혜를 널리 모으는 중요한 자리로 후손들에게 자랑스러운 건설문화를 넘겨줄 수 있도록 밝고 건전한 공사질서를 세우는 방안에 대한 많은 의견이 있었다. 이날 이시윤 감사원장은 $\ulcorner$부실공사는 우리의 생명과 안전을 위협하고 국제적 위신을 실추시키며 국가경쟁력을 읽게 하는 부끄러운 폐습으로서 하루빨리 치유해야 할 망국병$\lrcorner$이라면서 $\ulcorner$감사원은 21세기 우리의 밝은 미래 창조를 가로막고 있는 이러한 부실공사 문제의 심각성을 인식하고 이의 근절을 최우선 과제로 정하여 감사원의 모든 감사역량을 부실공사 추방을 위한 감사활동에 기울여 왔다$\lrcorner$고 밝혔다. 또한 이시윤 감사원장은 $\ulcorner$지난해에 이어 올해는 건설환경 개선 및 품질혁신의 해로 선언하고 국민 불안감 해소를 위하여 주요시설물의 안전성 점검과 건설산업 개방에 대비한 대외경쟁력 제고의 기틀을 마련하는데 총력을 기울여 나가고 있다$\lrcorner$면서 $\ulcorner$나아가 부실공사 기동점검반을 편성 운영하여 공공공사 현장을 수시 점검하여 부실을 역동성 있게 척결하는 체제도 구축하는 등의 계획을 갖고 있다$\lrcorner$고 밝혔다.

• Journal of the Korean Society for information Management
• /
• v.26 no.4
• /
• pp.249-276
• /
• 2009

The purpose of this study is to investigate the information-seeking procedure of surveillants against public sector organizations in Korea. The surveillants used accountability mechanisms such as National Assembly Inspection and information disclosure to find out information they wanted. Examples of such group include social activists, professional supervisors, aides of the National Assembly congressman and the press members. Using data collected by in-depth interviews and participative observations, we studied their information seeking behaviors and factors that affect the procedure. Based on the Grounded Theory approach, we first generated 56 concepts, 17 categories and 6 super-categories about the participants' feeling, experiences and perception related to their information seeking. Then we developed a factor model among those generated concepts. The main contributions of this study are a) the results provide a useful guidance for the public information seekers b) we draw the requirements for enhancing public sector organizations' information management systems.

• Korean System Dynamics Review
• /
• v.12 no.3
• /
• pp.25-46
• /
• 2011

Recently, performance auditing system of governmen is carried out as most promising framework of government audit. Performance audit by the Board of Audit and Inspection of Korea involves assessing the causes and effects of government policies, programs, and Institutions with the criteria of economy, efficiency, effectiveness. Performance auditing will contribute to strengthening the values of objective assessments of whether public resources are responsibly and effectively managed to achieve intended results. Nevertheless, there seems to be a problems appears in implementation of audit. That is the problems of tendency return to legitimacy audit which is result from the lack of strong approach and methodology. So, this study purpose to developing stronger audit concepts and methods that add to the process and framework of traditional performance auditing system. First, this study evaluates the limitation of current performance auditing system with the perspective of systems thinking. Second, this study analyzes the process and method of current system and develop the conceptual model of the Dynamics Audit System using the system dynamics methodology, which focused on the appropriate auditing process and framework.

• Journal of Korean Society of Transportation
• /
• v.29 no.2
• /
• pp.47-58
• /
• 2011

Nowaday OECD countries actively introduce the performance audit to evaluate the performance of public policies. Motivated by the current trend in practice, this paper presents performance audit indices and methodology developed for evaluating the transportation investment projects and policies. The main contribution of this study would be twofold:1) key performance indices, 5Es + 4Cs rule, and methodology of performance audit are derived from foreign (GAO, NAO) and domestic (BAI) audit reports; 2) checklists (key issues and focuses) of performance audit are suggested as ranks. It is also suggested that further studies are needed to maintain the indices and the methodology to achieve sustainable performance of transportation projects and policies.