• The Transactions of the Korea Information Processing Society
• /
• v.4 no.9
• /
• pp.2342-2353
• /
• 1997

According to the outstanding development of information industry, a study of firewall is progressing as one of methods to cope with threat and loss of the data through computer network. For the secure network, this paper proposes the method diminishing threat and loss of the network using the correlation firewall with network audit trail system. Also, this paper suggests not only the audit analyzer execution model but also the type of databases used in audit analyzer to analyze the audit data. Network audit trail system has the function of identifing and analyzing of all intruder actions using audit records created by users.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.4
• /
• pp.107-118
• /
• 2010

The user interface is the medium, which provides the users to have an access to the web-based information system. The user interface is the means of improving usability and accessibility for the user, as well as being the core component in the web-based information system. In this paper, the audit framework of the user interface was developed to upgrade the usability and accessibility; it was based on the three basic components of the current audit framework in the web-based information system. At the time of an audit, the UI process of the 'Analysis', 'UI Design', 'UI Production', and 'Test' was defined, which was analyzed through the web development methodology. Also, for the area of an audit, the 'Information', 'Design', and 'Technology' were defined by the analysis of the components that makes up the user interface, From the view of an audit, the standard criteria of an assessment were set as 'Usability', 'Accessibility', and 'Cross Browsing'. Through the framework that was proposed in this paper, practical audit applies the performed examples. By this, the efficiency of the proposed framework was verified.

• Journal of Digital Convergence
• /
• v.11 no.8
• /
• pp.95-108
• /
• 2013

Agile development methods regards an interaction among software developers, operating softwares, and cooperation with customers as its main value. Most of the developing processes undergo a procedure called tailoring to meet the relevant project. Yet, in reality, projects run in disorder due to their overlap with other methods and management processes. As a result, the advantages of agile process cannot be fully used. So, the information system audit has an important role to detect these problems and improve the qualities of agile application projects. Also, researches should be conducted on Agile-based Iformation System Audit Model in order to enhance the effectiveness of agile projects. This paper suggests a model for an information system audit that applied agile developing methods. This model proposes audit domains and check lists for agile-based information system. In order to verify the suitability of the suggested model, more than 89.3% of the checklists were verified as suitable in all domains.

• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2003.05a
• /
• pp.338-346
• /
• 2003

Information Technology (IT) and the internet have been major drivers the changes in all aspects of the business processes and activities. They have brought major changes to the financial statements audit environment as well, which in turn has required modifications in audit procedures. There exist, however, certain difficulties with current audit procedures especially for the assessment of the level of control risk. This assessment is primarily based on the auditors' professional judgment and experiences, not based on the objective hies or criteria. To overcome these difficulties, this paper proposes a prototype decision support model named CRAS-CBR using case based reasoning (CBR) to support auditors in making their professional judgment on the assessment of the level of control risk of the general accounting system in the manufacturing industry. To validate the performance, we compare our proposed model with benchmark performances in terms of classification accuracy for the level of control risk. Our experimental results showed CRAS-CBR outperforms a statistical model (MDA) and staff auditor performance in average hit ratio.

• Journal of Industrial Convergence
• /
• v.3 no.2
• /
• pp.29-50
• /
• 2005

Audit review is the system to review the audit procedures performed and the audit opinion expressed by the independent auditors. The public audit review performed by Financial Supervisory Service (FSS) is regarded as one of the most important means to maintain the reliability of accounting information in Korea. We examinate the effect of audit review on earnings quality by using ERC (earnings response coefficient). We find that ERC of the sample group which issued the audit error reports after they were reviewed by SSB is more effective and higher than one of the non-reviewed group, matching group. We infer that the audit review system has the effectiveness in Korea.

• Journal of Information Technology Services
• /
• v.14 no.4
• /
• pp.105-120
• /
• 2015

Enterprise should determine the adoption and utilization of information systems would be a great help to increase management performance. So, it maintains continually the budget and the investment for informatization. However, there is a limit to clarify whether the investment in informatization is contributed to create business opportunities through corporate competitiveness certainty or not. We tend to recognize the information system as a simple means to support common business rather than being used to achieve the company's business performance and to remain competitive. It is not an easy problem for the quantitative evaluation and analysis on the effect of intangible, such as management performance measurement by introducing computerization project. Informatization level evaluation model for the harsh business environment, specifically the Small and Medium Enterprise is lacking. In this paper, we proposed the audit evaluation model of an Small and Medium Enterprise informatization level based on system quality, information quality, user satisfaction, and IT business contribution. The proposed audit evaluation model was evaluated in the information system users, and verified the suitability throughout the survey of the audit professionals.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.24 no.3
• /
• pp.428-434
• /
• 2020

Recently, due to the development of ICT technology, changes to the convergence service platform of information systems are accelerating. Convergence services expanded to cyber systems with 5G communication, IoT, AI, and cloud are being reflected in the real world. However, the field of cybersecurity audit for responding to cyber attacks and security threats and strengthening security technology is insufficient. In this paper, we analyze the international standard analysis of information security management system, security audit analysis and security of related systems according to the expansion of 5G communication, IoT, AI, Cloud based information system security. In addition, we design and study cybersecurity audit checklists and contents for expanding security according to cyber attack and security threat of information system. This study will be used as the basic data for audit methods and audit contents for coping with cyber attacks and security threats by expanding convergence services of 5G, IoT, AI, and Cloud based systems.

• The Transactions of the Korea Information Processing Society
• /
• v.7 no.5
• /
• pp.1409-1418
• /
• 2000

Auditing plays a very important role in the process of developing and managing good quality software. The software developing proces should be audited precisely especially in the test phase. Up to the present, because auditing has depended on the auditor's experience of developing and auditing software, it has been impossible to audit objectively. It is limited to audit systematically and objectively because auditing process isn't systematized. In this paper, the auditing model to solve several problems in present auditing is suggested, a test phase audit system is developed, and the system is applied to the actual auditing process. Consequently, software administrators can establish effective software management, software developers can be supported by a highly reliable and quality software development tool, and auditors can be offered an objective audit standard.

• Journal of Information Technology Applications and Management
• /
• v.22 no.1
• /
• pp.37-60
• /
• 2015

As the dependence on information systems in enterprises has grown dramatically, the importance of implementing information systems in audit has been increased as well. However, there is a lact of about utilization of information system for audit process. Thus, this study is to investigate the factors that effect auditor's adopting Data Analytics to audit work. Through literature research and focus group interview, we added two factors that affect the behavioral intention to UTAUT model. We have selected performance expectancy, effort expectancy, social influence, facilitating conditions, anxiety, task fit, behavioral intention as variables and verified hypotheses based on survey questionnaires from auditors. As a result, it was found that performance expectations, social influence, task fit influenced the behavior intention. In Addition, we analyzed adding two variables, IT-related work experience and type of auditor as moderate variable. This study has an implication for companies to motivate implementation as well as activation of Data Analytics technique.

• Journal of Information Technology Services
• /
• v.3 no.1
• /
• pp.117-126
• /
• 2004

In this study an evaluation method is proposed, with the strong relationship between the ante and post audit works evaluation. The ante evaluation does in general and systematic ways, with past audit results and proposals. The criteria-based evaluation is used for the audit activities and outputs. The critical success factors for the projects applies to the activities evaluation and product evaluation framework to the output. The ante and post evaluation have the cross evaluation items to be the whole and continuous one. Eighteen common evaluation items are derived, with their own evaluation elements in detail, which have only differences of the actually done and expectations between the ante and post. The proposed evaluation makes the ante and post one to be related with each other in a systematic and objective ways, to enhance the reliability of audit results and effectiveness of the audit.