• The Journal of Industrial Distribution & Business
• /
• v.6 no.2
• /
• pp.13-16
• /
• 2015

Purpose - Benford's Law is a simple and effective auditor tool that detects fraud. This paper's purpose is to audit the efficiency of Benford's law, which uses a set of strange observations, certain numbers repeated over other numbers in the data set. Research design, data, and methodology - Benford's law was applied in numerical analysis. We can say that in addition to reducing the duration of the audit, the capacities of the audit were more robust. Results - Sample auditse valuated the ability of auditors to prove fraud and expand the use of analytical procedures in planning the audit. Additionally, the use of the analyses as part of the computer's internal controls helped to further improve the effectiveness of internal controls and reinforce them. Conclusions - Benford analysis should be carried out as appropriate. In subsequent studies, it can also be examined as a tool to reveal doubtful accounts. Numerical analysis of the data and a computer are necessary. Programs for data analysis in various applications such as auditing (SAS) and (ACL) and (Case Ware) and (IDEA) are available.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.5
• /
• pp.69-79
• /
• 2021

Good Corporate Governance (GCG) has been implemented by companies, especially companies that have gone public. However, many local companies still have not applied the principles of GCG. This study examines the implementation of the CG concept which is not fully implemented in family businesses in Indonesia. Besides, this research also aims to find out the role of the Internal Audit function in enhancing GCG practices. This research is a qualitative study that uses in-depth interviews, observation, and data triangulation, to gather evidence from exploratory case studies conducted in three family business firms. The results of this study found that CG is essential for the successful run of family businesses. After analyzing the data, we developed a new theory called Islamic Integrity Governance. The Internal Auditor plays a key role in improving GCG and a vibrant and agile internal audit function can be an indispensable resource supporting sound corporate governance. The internal auditor provides objective assurance and insight on the effectiveness and efficiency of risk management, internal control, and governance processes. Therefore, the Internal Auditor is an important pillar for effective and efficient GCG implementation. This theory concludes several concepts such as THTCL (Trustworthy, Honest, Transparent, Creative, Loyal). Internal auditors are needed because the concept of control is useful for improving GCG in business.

• Journal of East Asia Management
• /
• v.4 no.1
• /
• pp.23-51
• /
• 2023

We investigate whether the association between management overconfident tone and the level of audit effort measured by audit fees and hours differs depending on the level of earnings management. Prior studies suggest that firms led by overconfident managers are likely to initiate risky investments, report low quality financial statements, and have material weaknesses in internal control system. These characteristics, combined together, result in higher audit risk. At the same time, auditors assess audit risk based on the quality of financial reporting, measured by level of earnings management. As a result, the assess audit risk is likely to reflect the combined effect of management overconfidence and the level of earnings management. In this paper, we investigate whether auditors differentiate the effects of real earnings management (REM) and accrual-based earnings management (AEM) when they assess the audit risk related management overconfident. Using the CEO's letter published in 2018, we measure the CEO's tone representing the degree of overconfidence (i.e., activity). Based on this measure, we find that the positive association between managerial overconfident tone and audit effort is more pronounced as the level of REM is higher. However, we find that the baseline association does not vary depending on the level of AEM. These results suggest that auditors consider the managerial overconfident severer when such characteristic accompany the higher level of REM, which can be outcome of aggressive business decisions possibly leading to the higher audit risks. We further find that these results are stronger for Big 4 auditors and continuing auditors. This paper contributes to the literature and practice as follows. First, we provide contextual evidence on how auditors reflect managerial characteristics in the audit process by documenting that auditors actively increase their audit efforts only when overconfident managerial characteristics are highly likely to lead to audit risk. This result suggests that auditors conduct external auditing considering both the efficiency and effectiveness of the audit process. Second, we suggest that auditors use information obtained from a wide range of sources to identify audit risks. Our results provide evidence of how the auditing standards, which do not provide detailed guidelines for audit risk assessment, are being applied in practice. Finally, our results also enhance the understanding of how audit fees are determined. Combined with the studies related to audit pricing, we provide the important reference for discussion between the auditor and the auditee about the audit fee that has created acute tension after the enforcement of the new External Audit Act.

• Journal of Internet Computing and Services
• /
• v.18 no.3
• /
• pp.71-83
• /
• 2017

In recent years, by utilizing the greatest strengths of process mining, the various research activities have been actively progressed to use auditing work of business organization. On the other hand, there is insufficient research on systematic and efficient analysis of massive data generated under big data environment using process mining, and proactive monitoring of risk management from audit side, which is one of important management activities of corporate organization. In this study, we intend to realize Hadoop-based internal audit integrated real-time monitoring system in order to detect the abnormal symptoms in prevent accidents in advance. Through the integrated real-time monitoring system for purchasing audit, we intend to realize strengthen the delivery management of purchasing materials ordered, reduce cost of purchase, manage competitive companies, prevent fraud, comply with regulations, and adhere to internal control accounting system. As a result, we can provide information that can be immediately executed due to enhanced purchase audit integrated real-time monitoring by analyzing data efficiently using process mining via Hadoop-based systems. From an integrated viewpoint, it is possible to manage the business status, by processing a large amount of work at a high speed faster than the continuous monitoring, the effectiveness of the quality improvement of the purchase audit and the innovation of the purchase process appears.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.3
• /
• pp.761-769
• /
• 2014

We propose an improved M-ISMS(Military-ISMS) model which is based on common ISMS model for regarding military's unique characteristics. Our model focuses on 'Internal Security Audit' and 'Management of external activity' as military circumstances. So, we added the six control new items as internal security audits. Because the confidentiality is more important than availability in military service as compared with private sectors. In addition, we propose some control suggestions for establishing security management standards and keeping level maintenance when it will becomes to lose a value as confidential. The M-ISMS model in this paper has effectiveness which prevents security incidents in advance rapidly throughout a variety of common ISMS's advantages and security incidents of private sectors in consideration of military characteristics.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.24 no.6
• /
• pp.1271-1284
• /
• 2014

This paper classifies technical, administrative and physical areas of defects and advices made by an external audit (ISO27001) and internal audit (performed by a security team) in a company which has the management system of information security. With the classified data it finds the correlation between the budget and investment of information security, and analyze the correlation. As a result of the analysis, it has been found that as time goes on there is a consistent correlation between a administrative area and technical area of security. Specially, it has been confirmed that the relation between the scale of the budget which is not executed and the number of the defects and advices made by the audit is in direct proportion. Therefore, in this paper, so as to provide a model that can be used for validating the effectiveness of the protective investment information by statistically calculating the similarity based on the results of correlation analysis. This research is intended to help that a company makes a precise decision when it establishes a policy of information security and systematic methodology of the investment in information security.

• Journal of Preventive Medicine and Public Health
• /
• v.55 no.6
• /
• pp.539-548
• /
• 2022

Objectives: The purpose of this study was to assess the organizational effectiveness of the introduction of a healthcare information system (electronic medical records and databases) in healthcare in Kazakhstan. Methods: The authors used a combination of 2 methods: expert assessment and strengths, weaknesses, opportunities, and threats (SWOT) analysis. SWOT analysis is a necessary element of research, constituting a mandatory preliminary stage both when drawing up strategic plans and for taking corrective measures in the future. The expert survey was conducted using 2 questionnaires. Results: The study involved 40 experts drawn from specialists in primary healthcare in Aktobe: 15 representatives of administrative and managerial personnel (chief doctors and their deputies, heads of medical statistics offices, organizational and methodological offices, and internal audit services) and 25 general practitioners. Conclusions: The following functional indicators of the medical and organizational effectiveness of the introduction of information systems in polyclinics were highlighted: first, improvement of administrative control, followed in descending order by registration and movement of medical documentation, statistical reporting and process results, and the cost of employees' working time. There has been no reduction in financial costs, namely in terms of the costs of copying, delivery of information in paper form, technical equipment, and paper.

• Journal of Arbitration Studies
• /
• v.21 no.1
• /
• pp.87-107
• /
• 2011

There are two methods to resolve conflicts related to constructions which are through lawsuits and ADR (Alternative Dispute Resolution) just like any other conflicts. Along with the special characteristics pertaining to the conflicts related to constructions, the advantages that ADR is in possession of such as its cost, duration and professionalism, resolving conflicts through ADR has been considered to be more logical than any other options recently. In Korea's case at present, the resolution of conflicts regarding constructions through ADR is mostly dependent on administrative mediation or through arbitration. However, in the case of the administrative mediation, its usage rate is very low due to problems caused by problems in its running and effectiveness. In the case of arbitration, the services of the Korean Commercial Arbitration Board is comparatively used more but because of the fact that arbitration relies on a single trial system and the fact that its executive powers while having the same effectiveness as the final ruling does not get acknowledged leads to the phenomena of avoiding its usage. In addition, in relation to the selective arbitration clause, the problem of effectiveness of the arbitrative agreement is becoming a hindrance to the activation and promotion of the arbitration process. Furthermore, in the case where the ordering body is the government, the public servant involved in the case avoiding the arbitration process because of concerns of being penalized by the internal and external audit within the institution is becoming a problem as well. These problems are not only limited to conflicts regarding constructions and there needs to be actions taken to promote the activation of ADR by enacting a basic law. The more important issue at hand however is offering a resolution measure that would be the most appropriate for users and this could probably be done only through actions such as implementing the American partnering system or the dispute adjudication board system so that they can supervise the resolution of conflicts through mediation, arbitration, and assistance as well as offering consultations regarding conflicts related to constructions.

• Journal of Information Technology Services
• /
• v.15 no.3
• /
• pp.33-50
• /
• 2016

In a dynamic IT environment, employees often utilize external IT resources to work more efficiently and flexibly. However, the use of external IT resources beyond its control may cause difficulties in the company. This is known as "Shadow IT." In spite of efficiency gains or cost savings, Shadow IT presents problems for companies such as the outflow of enterprise data. To address these problems, appropriate measures are required to maintain a balance between flexibility and control. Therefore, in this study, we developed a new information security management system called AIIMS (Advanced IT service & Information security Management System) and the Shadow IT Evaluation Model. The proposed model reflects a Shadow IT's attributes such as innovativeness, effectiveness, and ripple effect. AIIMS consists of five fields: current analysis; Shadow IT management plans; management process; education and training; and internal audit. There are additional management items and sub-items within these five fields. Using AIIMS, we expect to not only mitigate the potential risks of Shadow IT but also create successful business outcomes. Now is the time to draw to the Light in the Shadow IT.