• Journal of Information Technology Applications and Management
• /
• v.25 no.3
• /
• pp.29-41
• /
• 2018

The purpose of constructing university information system is for improvement in diversification and throughput of information, streamlines business processes, rapid exchange of information, sharing of information, decision-making information, and securing educational facilities. Similar to business information technology system, university information system does not have a review system for sharing and overlapping investment of information. Due to the lack of project management for outsourcing and vulnerability of system suitability, system audit is absolutely needed for the university information system. This paper especially focuses on an operational phase in the audit of university information system. Additionally, we proposed operating model and checklists of the university information system based on Management Guidelines of ITIL V3 Operational and Information System. We derived the checklists of operation audit by each domain of service strategy, service design, service transition, service operation, and continual service improvement. As the result, this study appear to have more than average satisfaction the suitability results were.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.233-245
• /
• 2010

This paper proposes security architecture, security audit framework, and audit check item. These are based on the security requirement that has been researched in the information system audit. The proposed information security architecture is built in a way that it could defend a cyber attack. According to its life cycle, it considers a security service and security control that is required by the information system. It is mapped in a way that it can control the security technology and security environment. As a result, an audit framework of the information system is presented based on the security requirement and security architecture. The standard checkpoints of security audit are of the highest level. It was applied to the system introduction for the next generation of D stock and D life insurance company. Also, it was applied to the human resources information system of K institution and was verified. Before applying to institutions, system developers and administrators were educated about their awareness about security so that they can follow guidelines of a developer security. As a result, the systemic security problems were decreased by more than eighty percent.

• KSCI Review
• /
• v.11 no.1
• /
• pp.9-17
• /
• 2003

Along with trends of other countries, the Ministry of Information and Communication in Korea decided to operate an Information System Audit Institution for raising qualify of computer network facilitated in state organ and public institution, and to construct effective construction of information system. The aim of the audit institution is applying it to public information business, establishing an information system audit qualification system, and upbringing Private audit organs. The Ministry of Information and Communication realized that although the demand of information system area audit is explosively expanding, the National Computerization Agency cannot satisfies the demand and realize to have audit control for the information of national business as well. The Ministry of Information and Communication plan to enforce the audit on public information business by correlate with information business. The ministry enforce that the supervisory company has major roll to audit and national import business decided by the Information Promotion Committee is subject to have audit control. Therefore, in this paper, the contents of internal audit among internal/external audit will be presented.

• Journal of Korea Ship Safrty Technology Authority
• /
• s.32
• /
• pp.57-71
• /
• 2012

Recently, the navigation risk is increasing significantly with growing of vessels' volume and propelling marine facilities, water bridges and port development etc. At this point of time, the Ministry of Land, Transport, and Maritime Affairs introduced the Maritime Safety Audit(MSA) in amendment of the Korea Marine Traffic Law. audit results were survey for the last two years. As a result, appropriate certificate appears 11% among audit report, is an urgent need for improved quality of audit reports. This study is aimed to propose about Audit Personnel Education & Training System. To these solve, this paper analyzed the tendency of Audit Personnel Training. And also the opinions of user and experts were investigated and analyzed using Questionnaire survey methods. As a result, this paper was suggested, the construction of Audit Personnel Training System and the curriculum and training contents for 5-days of basic course, 2-days of expert course, 3-days of Qualification Maintain course.

• The KIPS Transactions:PartD
• /
• v.11D no.7 s.96
• /
• pp.1467-1476
• /
• 2004

The importance and demand about IS(information system) audit we increasing to raise quality of IS and prevention of the IS risk and dysfunction. Technology and system research for the substantiality and raising reliability of IS audit are continuously performed. But, there are misunderstanding of audit clients about IS audit, insufficiency of auditor's ability and misunderstanding of new technology and target business area. Therefore, is not getting trust from client or system integrator because service quality of IS audit is weak relatively. This study aims at survey correlation between audit service quality factor and audit quality, between audit quality and customer satisfaction. The results of this study are as follow. Auditor's ability, correspondence has a significant effect on audit quality, also audit quality on audit satisfaction, and Auditor`s ability, reliability has a significant effect on audit satisfaction.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.167-178
• /
• 2004

Different from traditional development methodologies like waterfall model, the CBD (component based development) methodology relies on a building block approach in the design and development of information system. The audit procedure and checklist for the traditional IS development methodology are required to be modified to be suitable for CBD. This research reviewed IS audit guidelines for the existing development process and analyzed multiple projects that employed the by component based development process. For the purpose of this study, we chose a governmental project and a next-generation IS project of a financial agency as sample cases. By comparing existing IS audit checklists and items actually reviewed in audit projects, this study identified appropriate check items for the CBD-centric audit program. New items were proposed as additional items such as project control in management phase, usage case and conceptual model establishment, component evaluation and design, in implementation phase, and so forth. The result of the research provides new guidelines for the audit CBD projects for the purposed of increased efficiency and qualify of application development projects.

• Management & Information Systems Review
• /
• v.7
• /
• pp.141-168
• /
• 2001

The causes that the transparency of Korean accounting information was rated low, a short supply of faithful and transparent accounting information from the limitation of external audit environment must be pointed out. Purpose of the external audit is a expression of the auditors about that financial statements an enterprise made public were appropriately drew up in accordance with the corporate accounting principles from important point of view. Analysis of the audit opinion and so fourth according to 6,541 individual audit reports and introduced to the bill securities forward committee as a subject of external audit according to the raw of corporation external audit show that considerable change to the contents of audit report. This show as it is that uncertainty of future that is now being faced by our enterprise, because corporation which present audit reports since 1997 because of enterprise dishonor and contents of existence probability as a continued enterprise following to general economic crisis after 1998 occupy important position in special matters of audit report. Also, increase in special matters is due to application of the corporate accounting principles revised on December 11, 1998. In 1999, audit opinion under limitation(limitation, incongruity and rejecting opinion) increased greatly according to existence doubt as a continued enterprise, and this is the consequence of strengthening audit to the continues enterprise because of limited enterprise dishonor according to the stagnancy of business activities after 1997. Now financial supervisory service put in effect electromagnetic public announcement system about a project report of listed corporation (including an audit report) keeping pace with a documentary public announcement system as first phase since 1999 and expand to the unlisted corporation from 2000. As electromagnetic public announcement of public announcement documents including audit documents of external audit subject get a duty, approach of external user to the accounting information will be easier. Fixation of this system will make deep and wide analysis to the audit opinion, and this will draw up a plan to reconsider confidence of accounting information.

• Journal of Convergence for Information Technology
• /
• v.11 no.9
• /
• pp.75-83
• /
• 2021

This research is to analyze how an introduction of full-time quality control("QC") personnel system in audit firms influences on audit quality and verify how important it is to establish the quality control system for auditing quality. We measure audit quality as the level of discretionary accruals and compare the differences between audit firms with QC and without QC. In addition, we analyze the difference in audit qualities between before and after activating the full-time QC personnel system by comparing audit quality of before 2015 with that of after 2016. The results of this study are summarized as follows. First, the audit quality is higher when audit firms have QC personnel. Second, the audit quality is improved after the introduction of the full-time QC personnel system.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.45-64
• /
• 2004

Many researchers have proved that information systems auditing is a very effective tool for improving information systems quality. However, information system auditing in Korea still includes many subjective judgements. This study deals with applying a quantitative model to improve information system auditing quality on security domain. First of all, we have looked at previous researches on information systems audit, especially on security audit. Based on this survey, we have come up with solutions to improve the evaluation efficiency on security audit. We have merged the security audit guidelines of NCA and KISA, and developed a quantified evaluation scheme. We have proved the validity of this model by interviews with experts and by case studies.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.5
• /
• pp.179-186
• /
• 2019

Information system audit, which provides effective diagnosis and inspection of IT governance, is applied to all aspects from planning to development and operation. However, there is a difficulty in carrying out the audit because the system for the specialized university IT project is not developed. Therefore, it is necessary to set the internal system as the audit-based application framework in order to apply it to university IT governance. In this paper, we propose a audit-based application framework of university information system developed for university. The framework has a difference from the existing audit system. By using this framework, it is possible to present a standard for the university IT project and easily approach and use it in the field. And it can be used for direct audit through this framework in the level of the auditor as well as the HQ admin. The framework categorizes the audit into three major dimensions and suggests a method that can be applied to the university information system audit through the UAFP(University Audit Framework Process) and quality assurance.