• Journal of Digital Convergence
• /
• v.9 no.5
• /
• pp.141-156
• /
• 2011

Auditors' subjective opinions m audit activities weaken reliability in audit judgments. This paper suggests fixed quantity models through requirement priority for improving objective evaluation and priorities of requirements in information system audit. The value of requirements was evaluated based on customers' requirements with a premise that they are not in the same level. Furthermore, the audit objective judgments were enhanced to enable fixed quantity of subjective audit by subdividing detailed evaluation index of requirement priority standards into importance of service and function on orderers' perspective, and sectioning cost and schedule on contractors' perspective.

• Review of KIISC
• /
• v.34 no.4
• /
• pp.61-66
• /
• 2024

ISO TC307에서 개발 중인 23353(Blockchain and distributed ledger technologies - Auditing guidelines: 블록체인과 분산원장 기술 감리 가이드라인) 표준은 기존 IT 시스템 감리와 달리 블록체인(BC, BlockChain)과 분산원장 기술(DLT, Distributed Ledger Technology) 기반 시스템에 대한 감리이다. ISO 23353의 주요 내용은 감리 원칙, BC/DLT 시스템의 위험, 감리 프레임워크, BC/DLT 감리 프로그램 관리 및 수행 절차 등이며. BC/DLT 감리에 있어 고려해야 할 위험, 통제 목표 및 통제 식별 방안 등에 대한 가이드 제공을 목적으로 한다. 한국이 주도적으로 개발하고 있는 ISO 23353은 블록체인 산업 활성화 촉진과 더불어 디지털 금융 산업에서 주도적 위치를 확보하는 데 긍정적으로 작용할 것이다.

• Journal of Korea Spatial Information System Society
• /
• v.7 no.2 s.14
• /
• pp.15-27
• /
• 2005

The purpose of this study is to present a methodology of GIS audit system which fully reflects standardization regarding GIS. With the recognition of the problems stemming from data exchange, building costs, and budget waste, this study utilized the standardization for evaluation factors of GIS audit. After analyzing the advantages and disadvantages of current audit methodology, this study pointed out the importance of audit, then presenting main audit factors followed by analyzing national standardization and extracting contents of audit to be added into the existing auditing items. Through the analysis of different types and characteristics, and both advantages and disadvantages of GASP, this study identifies and introduces a highly improved and practical methodology called Modified-GASP (M-GASP) that is basically set to be complementary and supplementary to GASP. Ultimately, the result of this study will support the higher degree of efficiency, stability, and extendability of GIS system, not to mention of strengthening the competitiveness of organizations involved.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2000.10b
• /
• pp.1397-1400
• /
• 2000

본 논문은 감리 정보 시스템을 개발하여 실제 감리 활동에 적용한 결과, 개발된 소프트웨어에 대한 평가 및 분석 정보를 다음과 같이 할 수 있다. 소프트웨어 평가 정보는 감리 평가의 체크 항목 및 기준 점수와 주요 항목별 긴급 개선, 통상 개선, 권고사항 등의 정보를 제공할 수 있기 때문에 시스템 관련 관리자, 개발자, 감리자에게 고품질의 신뢰성 있는 소프트웨어 개발에 기여하였으며, 소프트웨어 분석 정보는 감리 평가 항목별로 다양한 이력 정보를 제공할 수 있기 때문에 향후 소프트웨어 감리 평가 및 개발의 전략 수립에 활용할 수 있다.

• Information Systems Review
• /
• v.10 no.3
• /
• pp.155-183
• /
• 2008

Current trend of audit is to check the physical aspects of developed information system, such as checking the budget constraints, time constraints or functional fluency etc. However, ultimate goal of information system is to help the organization to achieve the competency over their competitors. Also, there are three different interest groups in system auditing, like audit requesting group, audited group and audit group, who may have different points of interests in auditing. Current auditing process, however, ignores this point, and so does not check the differences between three groups. This study tries to develop new auditing method to cure these two problems. Contributions of this study may be summarized as follows. First, Introduce the new indexes that can check the possibility that the information system may contribute the competency of organization. Also check the feasibility of indexes through Fuzzy AHP. Second, Divide the audit related person into three groups, and their different needs toward the information system was analyzed. Third, Analyze and compare the main interests of three groups, and weights of each groups to each indexes were calculated. Fourth, Fuzzy theory was applied to quantify the qualitative answers, which may minimize the ambiguity of questionnaire replies.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.185-196
• /
• 2012

Information system operation principles were recently established in order to provide high quality service and efficient operation audit of IT outsourcing. Operation managements are done based on these principles. Therefore, information operating management process, which refers to itself, is established. Information system operation audit requires a constant audit regularly, which is different from construction/development audit that is done only once. As operating management process changes, operation audit guidelines should be updated and improved. Therefore, this paper proposes IT outsourcing operation audit model with IT outsourcing achievement management as a focus. IT service domain was referred in order to propose information system operation audit model and check lists, which are based on IT outsourcing operation managements such as planning, making strategies, contract, service, and management. The deduced audit model and check lists verified suitability of the proposed model by experts' survey.

• 한국IT서비스학회:학술대회논문집
• /
• 2010.05a
• /
• pp.452-457
• /
• 2010

정보시스템 운영은 연속성, 장애에 대한 민감성 등 정보시스템 구축과는 다른 특성을 많이 가지고 있어 감리방법에 있어서도 새로운 방법이 필요하다. 본 논문은 정량화된 운영점검표를 제시함으로써, 운영감리의 객관성과 신뢰성을 확보하고, 감리결과를 정량화하며, 타 운영사례나 과거 운영 상태와의 비교를 가능케 하여, 감리의 품질과 운영감리의 효용성 향상에 기여하고자 하였다. 시스템 운영 정보시스템 감리지침의 기본점검항목을 기준으로 13가지 기본점검항목을 도출하였고, 각 기본점검항목 별로 현재 운영상태가 어떤 수준인지를 평가할 수 있도록 하였으며, 전문가 인터뷰와 현장적용을 통하여 검증하였다.

• KIPS Transactions on Software and Data Engineering
• /
• v.5 no.5
• /
• pp.203-208
• /
• 2016

Information system audit is the requirement to configure the information system successfully. However, there is a problem with reduction of efficiency in the audit work when the system capacity is growing up. In the subsidiary field of information system audit, there is the same problem. In this paper, we will focus on the database audit, and implement an SQL audit tool in order to improve the performance of a database. During the designing phase of the SQL audit tool which aim to improve the performance of a database, we have analyzed the requirements of SQL audit work. Based on the aforementioned them, the process of the SQL audit tool has been designed with SQL audit features in accordance with information audit process. During the implementation phase, we have implemented 3 main function modules according to the output of the design phase. The main modules we implemented are the audit job definition module, audit job executing module and result reporting module. With the implemented tool, it applied to an Electric Power Corporation project in China and compared with other tools that are able to use SQL audit. In this paper, the implemented SQL audit tool is able to perform the general SQL audit work and to reduce the cost of the audit work for database performance and to raise the accuracy of result and to apply the extended inspection rule which need to use SQL parsing.

• Journal of Advanced Navigation Technology
• /
• v.16 no.6
• /
• pp.1080-1091
• /
• 2012

Information system for audit target that was done in the past business unit system presided over the development process for an integrated information system in three steps further from the audit step 2 step-by-doing, for in the presiding quality party check for the information systems audit requirements of social responsibility is growing. Therefore, efforts are needed for research on factors affecting the quality of the audit and audit improve the quality in order to improve the quality of the Methodist This study, the general auditor competence and supervision, empowerment and the causal relationship between the quality of service, presided over by a model that can be analyzed in the field to develop and take advantage of the auditor's general theory of leadership was developed from existing research capabilities identification and analysis on a supervisor's empowerment survey conducted for the auditor to perform Methodist, its contents and using the LISREL structural equation methods were empirically tested.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04b
• /
• pp.409-411
• /
• 2004

본 연구에서는 정보시스템의 품질향상을 위하여 정보시스템 감리결과를 종합적, 체계적으로 평가하는 방안을 제시하였다. 기존 감리보고서 위주보다는, 감리 산출물과 행위를 기준에 기반을 두어 평가하였다. 감리행위도 하나의 프로젝트이므로 중요한 성공요인을 평가기준으로 하였고, 감리 산출물도 하나의 프로덕트이므로 프로덕트 평가 프레임워크를 명가기준으로 하였다 따라서 18개 행위, 산출물 명가항목을 도출하여 각각 5단계 배분의 가중치를 적용하는 방안을 제시하였다 각 평가항목에 대하여는 세분화된 평가요소를 도출하여 어떻게, 무엇을 평가한다는 것을 명확히 하였다. 이러한 평가기준에 따른 방안은 감리결과에 대한 신뢰성, 정당성을 높이며. 이는 감리에 대한 정확성, 객관성이 보편적으로 인식되어 그 효과성이 더욱 높아진다.