• Information Systems Review
• /
• v.10 no.1
• /
• pp.165-191
• /
• 2008

Traditionally, information systems audit has been carried out by the auditors. So the main focuses of audit are managerial point of view, such as finding errors or missing functions. The final purpose of audit, however, is to help the organization to make better decision through better information services. So we felt that managerial point of audit should be extended to include the factors that increase the competitiveness of organization. To accomplish this goal, new factors that reflect the ideas of three groups, users, developers in addition to auditors. First, by adopting the ideas from service quality evaluation area, we develop six items and 24 indexes for information systems audit. Second, we separate the audit related parties into three groups, users, developers and auditors. The main reason is that major concerns of three groups to the system will be different considerably. Third, we quantified the weights of each group to each 6 items and 24 indexes using Analytic Hierarchy Process. Fourth, the resulting weights of each item are found to be different by the group, and possible reasons are analyzed.

• Journal of Internet Computing and Services
• /
• v.7 no.5
• /
• pp.81-93
• /
• 2006

Recently, information technology is considered as a basement of management for industries as well as administrations. Especially, government agencies deal with more high sensitive and Important data than other businesses, so, their security managements should be fair and efficient. At present, most government agencies possess and operate their own information security systems, but apply them for the sake of formality only, even do not adapt an audit system for management polices. This paper presents a design and implementation of an automated audit system which is suitable for the operation environment in government agencies, using the audit system based on the BS7799. The. proposed system aims to objectively, numerically and daily control the ISMS (Information Security Management System) for different level of government agencies. In addition, it permits to design and implement an adaptive audit tool, in order to meet a given condition of audit organization and guard the personal relationship between the auditor and its counterpart.

• Journal of Advanced Navigation Technology
• /
• v.16 no.6
• /
• pp.1080-1091
• /
• 2012

Information system for audit target that was done in the past business unit system presided over the development process for an integrated information system in three steps further from the audit step 2 step-by-doing, for in the presiding quality party check for the information systems audit requirements of social responsibility is growing. Therefore, efforts are needed for research on factors affecting the quality of the audit and audit improve the quality in order to improve the quality of the Methodist This study, the general auditor competence and supervision, empowerment and the causal relationship between the quality of service, presided over by a model that can be analyzed in the field to develop and take advantage of the auditor's general theory of leadership was developed from existing research capabilities identification and analysis on a supervisor's empowerment survey conducted for the auditor to perform Methodist, its contents and using the LISREL structural equation methods were empirically tested.

• Journal of Service Research and Studies
• /
• v.8 no.2
• /
• pp.41-65
• /
• 2018

With the dawn of society where individuals or enterprises based on data generate infinite profits, the significance of database operation management is growing centering on data quality. However, there are not many South Korean public or private entities managing them systematically. Against this backdrop, this study sought to investigate the current status and problems and explore how to improve from the perspective of auditors. To implement this study, audit checklist was improved and, based on it, auditors and IT experts were surveyed. The final data were analyzed to test the study hypotheses empirically. As a result of the analysis, it was found that the auditors had been highly satisfied with all of the items on the improved audit checklist for data quality-based database operation management. Moreover, non-auditors were also found to regard them within their acceptable range. This study is expected to help improve information system operation audit and enterprises data operation management.

• The Journal of Asian Finance, Economics and Business
• /
• v.9 no.5
• /
• pp.135-145
• /
• 2022

To improve audit quality, certain Chinese auditing firms have added a third-level review by an additional signing auditor to the general evaluation by a signing auditor team consisting of an engagement auditor and a partner. Nonetheless, our research-based on 36,033 firm-year observations from 2004 to 2019 reveals that compared to the general review system, auditor teams under the three-level review system are less likely to issue modified audit opinions when abnormal financial conditions arise. This finding suggests that, while larger auditor teams' knowledge, experience, and information advantages can theoretically sharpen their judgment, their performance is more susceptible to interference from divergent opinions, the diffusion of responsibility, and lower energy invested by individual auditors, ultimately impairing their judgment regarding the audited enterprises' abnormal financial conditions. That is, the three-level review system, which aims to improve audit quality, actually worsens audit quality. This conclusion remains valid after the problems of heteroscedasticity and endogeneity are addressed by using firm-level cluster robust standard errors and two-stage regression. We hope that our research will draw the attention of auditing firms, prompting them to reconsider the rationality of the three-level review system.

• Journal of Digital Convergence
• /
• v.11 no.5
• /
• pp.187-199
• /
• 2013

Since the supply of smart phones, a change in mobile environment brought a turning point called a mobile generation. Smart mobile office is a combined form of smart phones' new mobile environment and its social media. A construction of mobile office environment using smart phones brought revitalization of the smart phone market. CRM construction also became new requirements for a customer management. However, based on the current information system audit standard, check fields or check lists are insufficient to apply to audit for CRM construction in a smart mobile office environment. Therefore, this paper proposes a model for auditing CRM system construction in smart mobile office environment. It proposes audit domain and check lists of CRM construction. It also verified whether the proposed model is suitable or not by doing a survey if deduced audit domain and check lists correspond with the purpose of the CRM construction audit during smart mobile office environment. As the result, this study appear to have more than average satisfaction the suitability results were.

• Journal of Convergence for Information Technology
• /
• v.11 no.9
• /
• pp.75-83
• /
• 2021

This research is to analyze how an introduction of full-time quality control("QC") personnel system in audit firms influences on audit quality and verify how important it is to establish the quality control system for auditing quality. We measure audit quality as the level of discretionary accruals and compare the differences between audit firms with QC and without QC. In addition, we analyze the difference in audit qualities between before and after activating the full-time QC personnel system by comparing audit quality of before 2015 with that of after 2016. The results of this study are summarized as follows. First, the audit quality is higher when audit firms have QC personnel. Second, the audit quality is improved after the introduction of the full-time QC personnel system.

• The Journal of Society for e-Business Studies
• /
• v.14 no.3
• /
• pp.169-181
• /
• 2009

As the situations that important evidences or clues are found in digital information devices increase, digital forensic technology is widely applied. In this paper, forensic based audit system is implemented by associating forensic analysis system with agent system which monitors and collects data for analysis in storage devices over distributed network nodes. Forensic audit system implemented in this paper can prevent, audit and trace the computer related crimes in IT infrastructure by real time monitoring and evidence seizure.

• Journal of Service Research and Studies
• /
• v.11 no.1
• /
• pp.45-58
• /
• 2021

Requirements engineering can be seen as proceeding with various processes and activities such as extraction, analysis, specification, management, and verification without temporal and spatial constraints in the development environment of information systems that are becoming large and decentralized. Developing requirements well and conducting continuous evaluation and management is the shortcut to success in project management, and it is recognized as a very important matter in relation to requirements in the information system audit. When we conduct information system audit and conducting projects subject to audit, we need to improve the required engineering aspect. Therefore, this study derives inspection items suitable for the target project by referring to the audit inspection manual and audit inspection guide when conducting the current audit, and relates to the required engineering aspect among the contents of the inspection guide for each business type that is the basis for deriving the inspection items were derived for each audit point/audit area for the project management and quality assurance project type corresponding to the inspection items. The suitability of the extracted occupation items was verified through a questionnaire survey by experts.

• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.79-86
• /
• 2004

In general, operating system is offering the security function of OS level to support several web services. However, it is true that security side of OS level is weak from many parts. Specially, it is needed to audit/trace function in security kernel level to satisfy security more than B2 level that define in TCSEC(Trusted Computer System Evaluation Criteria). So we need to create audit data at system call invocation for this, and do to create audit data of equal format about almost event and supply information to do traceback late. This Paper Proposes audit/trace system module that use LKM(Loadable Kernel Module) technique. It is applicable without alteration about existing linux kernel to ensure safe evidence. It offers interface that can utilize external audit data such as intrusion detection system, and also offers safe role based system that is divided system administrator and security administrator These data will going to utilize to computer forensics' data that legal confrontation is Possible.