• Journal of Information Technology Services
• /
• v.5 no.3
• /
• pp.121-135
• /
• 2006

With the growth and maturation of IT industry, the necessity of audit about development, maintenance and management of high-quality information system is gradually increasing. In addition, the necessity of inner auditing system, which could totally verify and evaluate the effectiveness of project according to the characteristics of organization conducting information-oriented business, also being proposed. Government offices including Korea Institute of Science and Technology(KISTI) collectively controlling nationwide science-technology related information have no guiding principle or organization within themselves even though performing information-oriented businesses are becoming more bigger and complicated. In this paper, we propose scheme for devising framework, which can audit construction and operation of knowledge information, check list and guideline. In addition, we present concrete ways for adapting these schemes to institutes which manage science-technology knowledge information. Audit framework consists of points of time in audit, audit domain and audit criterion. Points of time in audit are defined as three phases as followings: pre-audit, in-progress audit and post-audit. Audit domain includes 16 detail audit domains and especially we set 11 check items and 40 detail investigation items for database implementation business. We expect that management level of science-technology implementation business of organizations using this research result will increase and they could offer high-quality information service.

• Journal of Information Technology Services
• /
• v.5 no.2
• /
• pp.59-78
• /
• 2006

This research is to suggest the factor which is effecting on the information system audit fidelity in the perspective of audit procurer, to develop the measure to evaluate it, to investigate the audit performance and project performance for comparison the audit fidelity between the audit teams. As the analysis results, we found that the audit service factors can be divided to the expert knowledge of auditor and the project attributes itself. It means these factors are the major measures for the audit fidelity. In this research, the hypothesis of this study model is verified throughout the factor and corelation analysis, and the structured equation model is applied. Analysis results show that all relations between the factors are significant statistically. The audit service factors has an effect on audit fidelity. Also the information system audit fidelity can be affect on the project performance, audit performance and customer satisfaction. So, in conclusion, we need to judge closely the audit service factors affecting the audit fidelity for the enhancement of the project performance, audit performance and customer satisfaction.

• International Journal of Advanced Culture Technology
• /
• v.9 no.1
• /
• pp.210-217
• /
• 2021

In the case of an agile-based project, it was inadequate to perform a comprehensive inspection and evaluation on the establishment and operation of an information system by performing audit only with the audit and inspection elements provided by the existing information system audit and inspection system. In particular, in the case of the test activity area, it was necessary to improve the test activity audit check items to comprehensively check the agile-based development process by applying the existing audit system. To this end, a test activity improvement check model of the agile methodology audit model was presented by applying the repetition concept, a characteristic of the agile methodology. In order to empirically verify the model of this study, a survey was conducted for auditors and designers/developers who have experience in performing agile-based projects and auditing information systems. As a result of the questionnaire on the integrated test and system test in the test stage, more than 70% of the respondents were found to be suitable. More than 80% of the respondents judged that it was appropriate as a result of the questionnaire on "improvement and regression test progress according to integrated test and system test results" and "integrated test and functional actions of components and subsystems".

• 제어로봇시스템학회:학술대회논문집
• /
• 2005.06a
• /
• pp.1602-1605
• /
• 2005

An audit tracer is one of the last ways to defend an attack for network equipments. Firewall and IDS which block off an attack in advance are active way and audit tracing is passive way which analogizes a type and a situation of an attack from log after an attack. This paper explains importance of audit trace function in network equipment for security and defines events which we must leave by security audit log. We design and implement security audit system for secure router. This paper explains the reason why we separate general audit log and security audit log.

• Journal of Information Technology Services
• /
• v.15 no.1
• /
• pp.113-129
• /
• 2016

Recently, as Information System projects tend to be more complex, the importance of Information System Audit increases. In the same context, the need for the resident IS Audit also increases, which is supposed to deal with the possible risks and urgent issues by providing the appropriate support and timely coordination during IS project. Basically, for the effective IS Audit, the IS audit team members should be able to understand such a business context as work characteristics, business knowledge, goals, and culture of the organization. The audit team members should also be able to share the various knowledge of Information Technology and audit procedure with the owner of the project. Especially, for the resident audit, it is more important to fill the gaps in expertise between project owner and audit team. However, any studies on the need of common knowledge base (knowledge complementarities) in the IS audit have not been done so far. The purpose of this study is to analyze whether the knowledge complementarity based on inter-organizational communication between the project owner and audit team members makes an effect on the fidelity and performance of IS audit. In order to do this, the relationship among inter-organizational communication and knowledge complementarity, the fidelity of IS audit service, and performance of IS audit has been analyzed, using Structural Equation Model. The result shows that all the relationship is significant, which means that knowledge complementarity between the two different interest groups should be an effective factor on the fidelity and performance of IS audit. This result implies that, for better quality of IS Audit service, how to acquire the knowledge complementarity between the project owner and Audit team should be considered seriously as well as systematically in the process of IS Audit.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.12 no.19
• /
• pp.89-98
• /
• 1989

This research addresses the most sophisticated level of complexity of current electronic data processing(EDP) technology realtime, distributed data base(DDB) system. The major objective is to develop guidelines for the control and audit of these sophisticated system, since the control and audit philosophies, control features, and audit techniques applicable to traditional EDP systems are no longer fully appropriate for, or relevant to, these stat-of-art systems. An attempt is made to develop an internally consistent audit and control Conceptual Framework summarizing and integrating the material developed in this research, which then leads into the analysis of the control and audit model.

• Journal of Digital Convergence
• /
• v.12 no.3
• /
• pp.37-53
• /
• 2014

Audits by local governments help to improve local governments's internal control, diagnose their policies, increase their administrative performance and prevent any Policy errors. But the specialty level of the self-authority audit & inspection is low level. It comes from frequent job rotations which results in disposition of unskilled employees instead of ones having majoring knowledge and practical experience. In order to overcome the aforementioned problems and strengthen the function of the self-audit in local governments, we suggested a new system as a solution by considering various audit environments. This study is to find the problems of local Audit and suggest the new system of self audit evaluation system. Electronic self-authority and inspection system is strengthen the self-authority audit & inspection and ultimately will be making strength the effectiveness of local government performance.

• Journal of the Korean Professional Engineers Association
• /
• v.34 no.4
• /
• pp.65-68
• /
• 2001

The role of information system(IS) audit is growing more important according to rapid change of Information technology. This article is to introduce what is IS audit, purpose and effect of IS audit. Now most clients of private IS audit services companies are the public sector. Korean public sectors invest a lot of money to build or implement their information system. Most of their systems are developed by system intergration companies. But they do not have professional engineers to evaluate and review outsourced information system. Therefore they must use outside private professional engineers for sysem auditing. We, including writer, established the first IS audit sevice company in Korea on September in 1997. After that about 15 IS audit service companies are established until now. The effect of IS audit is highly evaluated In public sector by the clients Most clients think IS audit service contributed to upgrade the quality of software and standard the methodology of developing system

• Journal of the Society of Disaster Information
• /
• v.19 no.1
• /
• pp.204-215
• /
• 2023

Purpose: In this study, it was proposed a plan to build the Continuous Preventive Audit System in the military Organization with the expectation that we will develop an efficient audit method under the rapidly changing audit and work environment in the future. Method: it was examined the realities and problems of the military self-audit, the cases of the Continuous Preventive Audit System currently being used by government departments and institutions and internal control inspection of the information system of the Foreign Audit Office. Result: Government departments, agencies, and foreign auditors have established a Continuous Preventive Audit System to overcome the problems and limitations of their own audits, ensuring accounting accident prevention and audit work efficiency and are focused on auditing internal controls of information systems. Conclusion: In the future, more specific studies on the design of detailed scenarios for each function of defense work and the research and analysis on the improvement of defense information system should be followed for the establishment and settlement of a more specific Continuous Preventive Audit System.

• Journal of Information Technology Services
• /
• v.11 no.4
• /
• pp.107-121
• /
• 2012

The core infra-technology in the ubiquitous era, RFID which has taken action from the public institution with the pilot projects as well as the practical projects is gradually extending its spectrum to the private enterprises. Along with its expansion, the audit required on the RFID-based information system is also growing in the industry. Especially, since RFID-based information systems, especially compared to other information systems, are likely to be exposed to many threats, the security audit for them is being emphasized. This paper suggests security audit checking items for the RFID-based information system, which can be used to perform the efficient security audit. The security audit checking items consist of eight basic checking items, each of which consists of detailed review items and can be applied for each building steps of the system(analysis, design, implementation, testing, and development). Finally, this paper confirmed the efficiency of the security audit checking items proposed in this paper through survey by the experienced auditors and analysis of practical audit cases.