• Journal of the Korean Society for information Management
• /
• v.19 no.1
• /
• pp.115-134
• /
• 2002

According to increase share ratio of information on library be unable bring to maintain knowledge and information resource management for information audit and control on management vision in non-profit organization. Application of information management system was necessary to the systems integration and total management activity in total management system of organization. Library must be to investigate knowledge and information promotion and management innovation needs to consider to gather into a bundle problems to include social and economic requirements. This research be able to adaption all library standardization rule review adapt ability of information management system through the analysis compared to various developed performance indicator for library and level evaluation indicator for information management system. Library will be expanse efficiency of organization, satisfaction of users and level up the National competition through the adaptation of information management system.

• Journal of Information Technology Services
• /
• v.15 no.1
• /
• pp.113-129
• /
• 2016

Recently, as Information System projects tend to be more complex, the importance of Information System Audit increases. In the same context, the need for the resident IS Audit also increases, which is supposed to deal with the possible risks and urgent issues by providing the appropriate support and timely coordination during IS project. Basically, for the effective IS Audit, the IS audit team members should be able to understand such a business context as work characteristics, business knowledge, goals, and culture of the organization. The audit team members should also be able to share the various knowledge of Information Technology and audit procedure with the owner of the project. Especially, for the resident audit, it is more important to fill the gaps in expertise between project owner and audit team. However, any studies on the need of common knowledge base (knowledge complementarities) in the IS audit have not been done so far. The purpose of this study is to analyze whether the knowledge complementarity based on inter-organizational communication between the project owner and audit team members makes an effect on the fidelity and performance of IS audit. In order to do this, the relationship among inter-organizational communication and knowledge complementarity, the fidelity of IS audit service, and performance of IS audit has been analyzed, using Structural Equation Model. The result shows that all the relationship is significant, which means that knowledge complementarity between the two different interest groups should be an effective factor on the fidelity and performance of IS audit. This result implies that, for better quality of IS Audit service, how to acquire the knowledge complementarity between the project owner and Audit team should be considered seriously as well as systematically in the process of IS Audit.

• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.219-234
• /
• 2013

We introduced a framework of information systems audit methodology and applied to IS projects based on RFID/USN in six public organizations in South Korea. An analysis of five IS implementation projects shows the iterative technical specific risks are disclosed. The key 14 risk factors categorized into 4 classifications (Project Management, application, database, system architecture) which are based on the established IT audit framework in order to extend to the technology (RFID/USN) specific framework and apply to the other case as well. The implications of these findings for audit research and practice are discussed.

• Journal of Information Technology Services
• /
• v.11 no.2
• /
• pp.197-211
• /
• 2012

This paper describes how to derive audit criterion, audit domain, detail technology, and functional check items which are core of hospital information system, consisting of OCS, EMR, and PACS. Using the check items listed above, we investigated the objective validity for the construction audit of hospital information system. As a result, the derived audit criterion, audit domain, detail technology, and functional check items were verified as check items for audit. Since using the current audit check items of public area is insufficient to construct efficient, reliable, and stable hospital information system, we suggest adopting the hospital information system audit area, audit check items, and process that are presented in this paper.

• Journal of the Korean Professional Engineers Association
• /
• v.34 no.4
• /
• pp.65-68
• /
• 2001

The role of information system(IS) audit is growing more important according to rapid change of Information technology. This article is to introduce what is IS audit, purpose and effect of IS audit. Now most clients of private IS audit services companies are the public sector. Korean public sectors invest a lot of money to build or implement their information system. Most of their systems are developed by system intergration companies. But they do not have professional engineers to evaluate and review outsourced information system. Therefore they must use outside private professional engineers for sysem auditing. We, including writer, established the first IS audit sevice company in Korea on September in 1997. After that about 15 IS audit service companies are established until now. The effect of IS audit is highly evaluated In public sector by the clients Most clients think IS audit service contributed to upgrade the quality of software and standard the methodology of developing system

• Journal of Korea Multimedia Society
• /
• v.20 no.4
• /
• pp.660-670
• /
• 2017

In case of auditing of the information system development project applying agile methodology, it is not appropriate to carry out a comprehensive check on the establishment of information system with only the existing check on software. This study considers the characteristics of the agile methodology in terms of Information System Auditing. To improve inspection quality of development project with agile methodology by deriving detailed check items of test activities at each stage, this study proposes a strategy to improve the check on software for the test activities of the supervisory model that is suitable for agile methodology, which emphasizes repetitive work.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.5
• /
• pp.1409-1418
• /
• 2000

Auditing plays a very important role in the process of developing and managing good quality software. The software developing proces should be audited precisely especially in the test phase. Up to the present, because auditing has depended on the auditor's experience of developing and auditing software, it has been impossible to audit objectively. It is limited to audit systematically and objectively because auditing process isn't systematized. In this paper, the auditing model to solve several problems in present auditing is suggested, a test phase audit system is developed, and the system is applied to the actual auditing process. Consequently, software administrators can establish effective software management, software developers can be supported by a highly reliable and quality software development tool, and auditors can be offered an objective audit standard.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2008.10b
• /
• pp.96-103
• /
• 2008

The information systems audit is an proactive action to find out the predicted issues on proceeding the business beforehand, to make out whether the information systems satisfies the user's demand or not and to check up the result of the project with complementing the capabilities of self-diagnostics for the complicated and advanced information system. However, the results of the audited project are apt to be regarded as a failure in a case that an opinion of the audit area evaluation is described as 'insufficient' or 'negative' in the audit report that is submitted as the result of the audit. It makes a lot of arguments among the board of audit, the institution ordering the audit and the auditor. In this study, we made an attempt to finding out the factors affecting the audit area evaluation and verifying them objectively. A study model and hypothesis including the improvement type of the recommended subject to be improved, the importance, the audit time, the business scale of the audited object and the auditing company as a factor variable were established and the hypothesis was verified by analyzing the correlation between the factor variables and the audit area evaluation.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.167-178
• /
• 2004

Different from traditional development methodologies like waterfall model, the CBD (component based development) methodology relies on a building block approach in the design and development of information system. The audit procedure and checklist for the traditional IS development methodology are required to be modified to be suitable for CBD. This research reviewed IS audit guidelines for the existing development process and analyzed multiple projects that employed the by component based development process. For the purpose of this study, we chose a governmental project and a next-generation IS project of a financial agency as sample cases. By comparing existing IS audit checklists and items actually reviewed in audit projects, this study identified appropriate check items for the CBD-centric audit program. New items were proposed as additional items such as project control in management phase, usage case and conceptual model establishment, component evaluation and design, in implementation phase, and so forth. The result of the research provides new guidelines for the audit CBD projects for the purposed of increased efficiency and qualify of application development projects.

• Convergence Security Journal
• /
• v.2 no.1
• /
• pp.17-33
• /
• 2002

The major goal of this study is to develop an index that can evaluate the quality of the appropriate network in a series of projections that analyze, design, and then build a network. The existing software engineering and/or the methods of developing a system are limited. The process of defining the requirements in building a network, designing the system, and building the network focuses on arranging the methods of building a network. Based upon this, we tried to develop a necessary index to evaluate the security of a network.