• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.167-178
• /
• 2004

Different from traditional development methodologies like waterfall model, the CBD (component based development) methodology relies on a building block approach in the design and development of information system. The audit procedure and checklist for the traditional IS development methodology are required to be modified to be suitable for CBD. This research reviewed IS audit guidelines for the existing development process and analyzed multiple projects that employed the by component based development process. For the purpose of this study, we chose a governmental project and a next-generation IS project of a financial agency as sample cases. By comparing existing IS audit checklists and items actually reviewed in audit projects, this study identified appropriate check items for the CBD-centric audit program. New items were proposed as additional items such as project control in management phase, usage case and conceptual model establishment, component evaluation and design, in implementation phase, and so forth. The result of the research provides new guidelines for the audit CBD projects for the purposed of increased efficiency and qualify of application development projects.

• International Journal of Advanced Culture Technology
• /
• v.9 no.1
• /
• pp.210-217
• /
• 2021

In the case of an agile-based project, it was inadequate to perform a comprehensive inspection and evaluation on the establishment and operation of an information system by performing audit only with the audit and inspection elements provided by the existing information system audit and inspection system. In particular, in the case of the test activity area, it was necessary to improve the test activity audit check items to comprehensively check the agile-based development process by applying the existing audit system. To this end, a test activity improvement check model of the agile methodology audit model was presented by applying the repetition concept, a characteristic of the agile methodology. In order to empirically verify the model of this study, a survey was conducted for auditors and designers/developers who have experience in performing agile-based projects and auditing information systems. As a result of the questionnaire on the integrated test and system test in the test stage, more than 70% of the respondents were found to be suitable. More than 80% of the respondents judged that it was appropriate as a result of the questionnaire on "improvement and regression test progress according to integrated test and system test results" and "integrated test and functional actions of components and subsystems".

• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.2
• /
• pp.89-97
• /
• 2020

This study was conducted to examine how independent audit firms in Vietnam understand and use risk based audit approach (RBAA) in audit practice. To answer the research questions, the researchers used primary and secondary data collected from 2018 to 2019. The results from the interview survey showed that audit firms were aware of the advantages of adopting RBAA. However, RBAA is practiced to a moderate extent by audit firms in Vietnam. Big 4 audit firms use RBAA more popularly than Non-Big 4 audit firms. The causes of the difference are the disadvantages of adopting RBAA and client's characteristics such as relevant guideline, audit fees, auditors' knowledge and experience. Besides, the study investigated factors impacting on the RBAA adoption by distributing a questionnaire to 246 auditors of 126 audit firms in Vietnam. A set of statistical appropriate methods where used through SPSS software version 22.0. The results indicated that there were six factors influencing RBAA adoption including: Auditor's ability, Technological development, Audit fees, auditors' motivation, Audit time and client's risk. Of which, auditor's ability and technological development are factors that have the most significant and positive impacts on the adoption of RBAA. Additional implications were argued in the final section of this study.

• The KIPS Transactions:PartD
• /
• v.9D no.3
• /
• pp.467-476
• /
• 2002

Importance of Information Systems in banking industry is higher than that of other industries. This study, based on a case study of a bank, analyzes the current status of information systems (IS) audit and proposes future directions in the area of IS control and audit. Major problems identified in the study include deficiency of IS and audit process, and inability of audit function to improve IS process. In addition, deficiency of staffing level and investment in R&D, and lack of competency and independence of audit staff are identified. In order to solve the problems, the following directions were proposed proper division of functions among audit related departments, utilization of outside audit function, and adoption of CSA, CAAT, career path program, risk-based audit approach. The results of the studs will provide valuable implications to banks and companies in other industries. Also the research framework employed in the study can be utilized in the future research in IS control and audit.

• Proceedings of the SAREK Conference
• /
• 2008.06a
• /
• pp.66-71
• /
• 2008

Energy audit was started in 2006 that Korea Government Policy for Energy saving. Who used over 2,000toe/yr(tons of oil equivalent) energy consumption has to perform Energy audit program of obligation every five years with auditing company. HANMI C&E as a company authorized by Government has diagnosed various type building. It shows four case studies of HVAC system in office building through Energy audit. This studies present efficient recommendation method for improving system performance.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 2008.10b
• /
• pp.96-103
• /
• 2008

The information systems audit is an proactive action to find out the predicted issues on proceeding the business beforehand, to make out whether the information systems satisfies the user's demand or not and to check up the result of the project with complementing the capabilities of self-diagnostics for the complicated and advanced information system. However, the results of the audited project are apt to be regarded as a failure in a case that an opinion of the audit area evaluation is described as 'insufficient' or 'negative' in the audit report that is submitted as the result of the audit. It makes a lot of arguments among the board of audit, the institution ordering the audit and the auditor. In this study, we made an attempt to finding out the factors affecting the audit area evaluation and verifying them objectively. A study model and hypothesis including the improvement type of the recommended subject to be improved, the importance, the audit time, the business scale of the audited object and the auditing company as a factor variable were established and the hypothesis was verified by analyzing the correlation between the factor variables and the audit area evaluation.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.45-64
• /
• 2004

Many researchers have proved that information systems auditing is a very effective tool for improving information systems quality. However, information system auditing in Korea still includes many subjective judgements. This study deals with applying a quantitative model to improve information system auditing quality on security domain. First of all, we have looked at previous researches on information systems audit, especially on security audit. Based on this survey, we have come up with solutions to improve the evaluation efficiency on security audit. We have merged the security audit guidelines of NCA and KISA, and developed a quantified evaluation scheme. We have proved the validity of this model by interviews with experts and by case studies.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.5
• /
• pp.151-156
• /
• 2021

This paper empirically examines the relationship between one of the major corporate governance attributes; family ownership and the audit committee activity across a sample of 430 publicly traded firms on the Saudi Stock Exchange (Tadawul) for the period 2012-2019. Using the Pooled OLS regression, this study finds that family ownership is negatively associated with audit committee activity. This study reported that family ownership is negatively associated with audit committee activity, giving support to the convergence-of-interest hypothesis. Therefore, the existence of family ownership as a monitoring corporate governance mechanism substitutes the audit committee activity as another monitoring mechanism. This study provides empirical evidence on the associations of two internal corporate governance mechanisms, namely; family ownership and audit committee activity in the Saudi context where there is a paucity of research in this area. The findings of this study provide a new understanding regarding the extent to which family ownership impacts the activity of audit committees in manufacturing companies. Similarly, the companies' management, external auditors, bankers, and companies would also benefit from understanding the influential factors of the audit committee activities.

• Proceedings of the SAREK Conference
• /
• 2008.11a
• /
• pp.505-510
• /
• 2008

Improving energy efficiency is the important thing of energy saving strategies that was shown up result of IEA meeting and the G8 Summit. Energy audit was started in 2006 that Korea government policy for improving energy efficiency. Who used over 2,000toe/yr(tons of oil equivalent per year) energy consumption has to perform energy audit program of obligation every five years with auditing company. HANMI C&E as a company authorized by Government has diagnosed various type building. This case studies are chosen to best practices by KEMCO. This studies present efficient recommendation methods for improving system performance.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2003.05a
• /
• pp.338-346
• /
• 2003

Information Technology (IT) and the internet have been major drivers the changes in all aspects of the business processes and activities. They have brought major changes to the financial statements audit environment as well, which in turn has required modifications in audit procedures. There exist, however, certain difficulties with current audit procedures especially for the assessment of the level of control risk. This assessment is primarily based on the auditors' professional judgment and experiences, not based on the objective hies or criteria. To overcome these difficulties, this paper proposes a prototype decision support model named CRAS-CBR using case based reasoning (CBR) to support auditors in making their professional judgment on the assessment of the level of control risk of the general accounting system in the manufacturing industry. To validate the performance, we compare our proposed model with benchmark performances in terms of classification accuracy for the level of control risk. Our experimental results showed CRAS-CBR outperforms a statistical model (MDA) and staff auditor performance in average hit ratio.