• Journal of Service Research and Studies
• /
• v.9 no.2
• /
• pp.31-40
• /
• 2019

In this paper, we have studied the improvement of operational control for the enhancement of business continuity of information system becoming more important with the development of information technology such as big data, Iot, and artificial intelligence. The operational management and audit guidance of the current information system, which is coming in the fourth industrial age, where various services, data and industries are converged, is based on the existing general information system pattern and needs to be improved. The provision of services at fixed times is linked to the survival of enterprises and countries and serves as a key element. Therefore, it is necessary to study the application of optimized check items of the operation audits to minimize the service interruption damage of the information system and to provide the stable service in terms of business continuity management. To accomplish this, the check items presented in the operational control of the information system were derived by combining the PDCA step contents and 8 resource requirements provided in ISO 22301. From the point of view of increasing the business continuity according to the derivation criteria of the inspection items, the operational inspection check items were derived by exemplifying the improved check items and review items of the information system operation audit and the products to be checked during the operational audit. The check items were divided into management audit improvement check items for service continuity management, and operational audit improvement check items for performance and availability management. The average score of the IT professionals' survey on the suitability of the proposed checklist was 4.63, which was concluded to be appropriate.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.11-27
• /
• 2012

The purpose of this study was to suggest a guideline for systematic and practical critical success factors of the External IT audit. For this purpose, an integrated conceptual model is developed considers that the service quality, and the IS(Information Systems) success with a contingency viewpoint. The model is tested using 254 data of IS projects which procured the external IT auditing service in public sector of Korea. The results of this study are as follows. First, service quality attributes of responsiveness, reliability, and tangibility have positive influence on IS implementation process quality. Second, the external IT audit quality obviously contributes to IS implementation success considering both IS implementation process quality and IS system quality. However it has positive influence on the process quality directly and the system quality indirectly.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.211-219
• /
• 2019

Accomplishing information system, techniques, methodology have been studied continuously and give much help to auditors who are using them. Additionally audit report which is the conclusion of accomplishing ISA(information system audit), has law of a basis and phase with ITA/EA Law(Electronic Government Law). This paper is for better quality of ISA report. But it has more errors about sentence and Grammatical structures. In this paper, to achieve quality improvement objectives, it is necessary to recognize the importance of an audit report by investigating on objectives, functionality, structures and usability of a report firstly, and a legal basis, the presence of report next. Several types of audit reports were chosen and the reports errors were divided into several categories and analyzed. After grasping reasons of those errors, the methods for fixing those errors and check-lists model was provided. And based on that foundation, the effectiveness validation about real audit reports was performed. The necessity for efforts to improve the quality of audit reports was emphasized and further research subject(AI Automatic tool) of this paper conclusion. We also expect this paper to be useful for the organization to improve on ISA in the future.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.277-285
• /
• 2016

This paper aimed at contributing to the improvement of objectivity and reliability of operating audit, quantitative audit result, being able to comparing with best practice and past operating status, through providing quantitative operation check sheet. Quantitative operation check sheet is comprised of thirteen basic check sheet area. The auditors evaluate the current operation status level with basis of basic check sheet area. It is hoped that this thesis on a quantitative operation check sheet for the Improvement of the operation Audit will become the basis for the applicaton and effectiveness of an operation audit that not only the improvement of the quality of information system audit but also usability of operation audit.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.3
• /
• pp.81-90
• /
• 2003

The presence of the intrusion is judged by intrusion detection system based on the audit log and the Performance of this system depends on how correctly and effectively it has been described about the intrusion pattern with audit log. In this paper, the relativity concerning intrusion is demonstrated among the information those are ‘System call, Network packet and Syslog’ and the related pattern of the state-transition-based method and those rule-based pattern is identified. By applying this correlation to them, the accuracy rate of detection was able to be improved. Especially, the availability of detection with correlation pattern through Covert Channel detection test has been substantiated.

• Journal of Internet Computing and Services
• /
• v.18 no.3
• /
• pp.71-83
• /
• 2017

In recent years, by utilizing the greatest strengths of process mining, the various research activities have been actively progressed to use auditing work of business organization. On the other hand, there is insufficient research on systematic and efficient analysis of massive data generated under big data environment using process mining, and proactive monitoring of risk management from audit side, which is one of important management activities of corporate organization. In this study, we intend to realize Hadoop-based internal audit integrated real-time monitoring system in order to detect the abnormal symptoms in prevent accidents in advance. Through the integrated real-time monitoring system for purchasing audit, we intend to realize strengthen the delivery management of purchasing materials ordered, reduce cost of purchase, manage competitive companies, prevent fraud, comply with regulations, and adhere to internal control accounting system. As a result, we can provide information that can be immediately executed due to enhanced purchase audit integrated real-time monitoring by analyzing data efficiently using process mining via Hadoop-based systems. From an integrated viewpoint, it is possible to manage the business status, by processing a large amount of work at a high speed faster than the continuous monitoring, the effectiveness of the quality improvement of the purchase audit and the innovation of the purchase process appears.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.1
• /
• pp.343-352
• /
• 2021

This study aims to identify the impact of the audit approach based on business risks (i.e., external environment risk, operations risk, information risk) in reducing unsystematic risks (i.e., operational risk, credit risk, liquidity risk, capital risk, and administrative risk) in Jordanian banks. To reduce the effect of unsystematic risks and, thus, improve banking performance, an audit approach based on business risks has emerged. To achieve the objectives, this study relied on descriptive statistics and the regression approach to study twenty-five Jordanian banks. The researcher used the intentional sampling method represented by employees of the accounting, financial and control departments in Jordanian banks. Seventeen banks contributed to the study, with a percentage of 68%, totaling 356 employees. A questionnaire was designed to obtain the data, and due to homogeneity among the sampling members, a purposive sample was drawn and 300 questionnaires were distributed. The results of the study found a statistically significant effect of the audit approach based on business risks with its combined dimensions on reducing unsystematic risks in Jordanian banks. The results of the study also found a statistically significant effect of the business risk-based audit approach with its combined dimensions on reducing operational risks in Jordanian banks.

• Informatization Policy
• /
• v.30 no.4
• /
• pp.3-39
• /
• 2023

With the growing importance of information/information system, information security is emphasized, and the significance of information security audit as a tool for maintaining the proper security level is increasing as well. The objectives of the study are to identify the overall research trends and to propose future research areas by analyzing domestic and overseas research in the area. To achieve the objectives, 103 research papers were analyzed based on both general and subject-related criteria. The following are the major research results : In terms of research approach, more empirical studies are needed; For subject "Auditor," studies to develop a framework for related variables (e.g., capability) are needed; For subject "Audit Activities/Procedures," future research should focus on the process/results of detailed audit activities; Future domestic research for "Audit Areas" should look for the new technology/industry/security areas covered by foreign studies; For "Audit Objective/Impact," studies to define the variables (e.g., performance and quality) systematically and comprehensively are needed; For "Audit Standard/Guidelines," research on model/guideline needs to be continued.

• Journal of Internet Computing and Services
• /
• v.2 no.2
• /
• pp.11-22
• /
• 2001

For the effective and efficient management of the information system development project. the domestic market is also required to manage the project and set up the information system audit items, which are applicable to the actual project using CMM(Capability Maturity Model). With this thesis, we suggest a reference model complimenting the project. by letting a project manager recognize beforehand the present maturity status, within an organization as well as step-by-step management items and audit indicators for the future capability maturity improvement.

• Asia pacific journal of information systems
• /
• v.9 no.3
• /
• pp.111-126
• /
• 1999

Current audit reports on IS development projects provide useful information to stakeholders but have such limitations as the lack of quantification of audit results and the insufficient recommendations on success factors. The purpose of this study is to solve these limitations, leading audit reports to become of future-oriented contents and form. This research was conducted through the logical inference from the review on the related literature, the analysis of audit reports from 1996 to 1998, and the collection of data from interviews and questionnaires with IS auditors. As a result of the study, eighteen success factors were identified for the development of IS projects, including the adequate composition of the system development team, the degree of project manager's cooperation with the client organization, and the timing of decision making.