• Management & Information Systems Review
• /
• v.35 no.3
• /
• pp.231-247
• /
• 2016

This study, according to the amendment of the Act on External Audit, on the basis of the number of input auditors, the content of auditing, and audit times as additional informations, calculates the average of the samples listed companies with assets of one hundred billion KRW. However, since the actual number of the subject corporations of which asset is 100 billion KRW is small, it is difficult to extract data with reference to this asset size. Therefore, the samples were extended to 50 corporations of which asset is 10% less than 100 billion KRW and other 50 more corporations of which asset is 10% more than 100 billion KRW. As a result, a total of 100 corporations were included as samples. To calculate the average of the audit times, a t-test was performed between the two groups. The result of the t-test showed that there is not a significant difference between the two groups. According to the analytical results of the t-test, the average of the number of input auditors and the average of audit times were calculated with respect to all the 100 samples. A further analysis showed that the average of audit content in the present study was compared with the estimated values in the study of Mun (2016). Although the results of this study may not be the optimal number, they may be used as a fundamental index which may be compared with the audit times and the audit fees in the current audit market where there is not an available reference. In addition, the amendment of the Act on External Audit may enhance the independence of auditors and the transparency of accounting system when compared with the previous system where only the total audit times were disclosed.

• Informatization Policy
• /
• v.30 no.4
• /
• pp.3-39
• /
• 2023

With the growing importance of information/information system, information security is emphasized, and the significance of information security audit as a tool for maintaining the proper security level is increasing as well. The objectives of the study are to identify the overall research trends and to propose future research areas by analyzing domestic and overseas research in the area. To achieve the objectives, 103 research papers were analyzed based on both general and subject-related criteria. The following are the major research results : In terms of research approach, more empirical studies are needed; For subject "Auditor," studies to develop a framework for related variables (e.g., capability) are needed; For subject "Audit Activities/Procedures," future research should focus on the process/results of detailed audit activities; Future domestic research for "Audit Areas" should look for the new technology/industry/security areas covered by foreign studies; For "Audit Objective/Impact," studies to define the variables (e.g., performance and quality) systematically and comprehensively are needed; For "Audit Standard/Guidelines," research on model/guideline needs to be continued.

• Journal of KIISE:Computing Practices and Letters
• /
• v.10 no.2
• /
• pp.146-155
• /
• 2004

Currently most of commercial operating systems contain a high-level audit feature to increase their own security level. Linux does not fall behind the other commercial operating systems in performance and stability, but Linux does not have a good audit feature. Linux is required to support a higher security feature than C2 level of the TCSEC in order to be used as a server operating system, which requires the kernel-level audit feature that provides the system call auditing feature and audit event. In this paper, we present LxBSM, which is a kernel module to provide the kernel-level audit features. The audit record format of LxBSM is compatible with that of Sunshield BSM. The LxBSM is implemented as a loadable kernel module, so it has the enhanced usability. It provides the rich audit records including the user-level audit events such as login/logout. It supports both the pipe and file interface for increasing the connectivity between LxBSM and intrusion detection systems (IDS). The performance of LxBSM is compared and evaluated with that of Linux kernel without the audit features. The response time was increased when the system calls were called to create the audit data, such as fork, execve, open, and close. However any other performance degradation was not observed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.17 no.12
• /
• pp.3218-3241
• /
• 2023

Financial fraud undermines the sustainable development of financial markets. Financial statements can be regarded as the key source of information to obtain the operating conditions of listed companies. Current research focuses more on mining financial digital data instead of looking into text data. However, text data can reveal emotional information, which is an important basis for detecting financial fraud. The audit opinion of the financial statement is especially the fair opinion of a certified public accountant on the quality of enterprise financial reports. Therefore, this research was carried out by using the data features of 4,153 listed companies' financial annual reports and audits of text opinions in the past six years, and the paper puts forward a financial fraud detection model integrating audit opinions. First, the financial data index database and audit opinion text database were built. Second, digitized audit opinions with deep learning Bert model was employed. Finally, both the extracted audit numerical characteristics and the financial numerical indicators were used as the training data of the LightGBM model. What is worth paying attention to is that the imbalanced distribution of sample labels is also one of the focuses of financial fraud research. To solve this problem, data enhancement and Focal Loss feature learning functions were used in data processing and model training respectively. The experimental results show that compared with the conventional financial fraud detection model, the performance of the proposed model is improved greatly, with Area Under the Curve (AUC) and Accuracy reaching 81.42% and 78.15%, respectively.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.1262-1263
• /
• 2012

정보시스템감리와 회계감사에서 감리 및 감사의 적정성은 핵심적인 문제 가운데 하나이다. 본 논문에서는 정보시스템감리와 회계감사의 목적과 특징, 수행 절차를 살펴보고, 감리 및 감사의 적정성에 대한 판단기준을 비교하였다.

• Journal of Service Research and Studies
• /
• v.11 no.1
• /
• pp.45-58
• /
• 2021

Requirements engineering can be seen as proceeding with various processes and activities such as extraction, analysis, specification, management, and verification without temporal and spatial constraints in the development environment of information systems that are becoming large and decentralized. Developing requirements well and conducting continuous evaluation and management is the shortcut to success in project management, and it is recognized as a very important matter in relation to requirements in the information system audit. When we conduct information system audit and conducting projects subject to audit, we need to improve the required engineering aspect. Therefore, this study derives inspection items suitable for the target project by referring to the audit inspection manual and audit inspection guide when conducting the current audit, and relates to the required engineering aspect among the contents of the inspection guide for each business type that is the basis for deriving the inspection items were derived for each audit point/audit area for the project management and quality assurance project type corresponding to the inspection items. The suitability of the extracted occupation items was verified through a questionnaire survey by experts.

• Journal of Internet Computing and Services
• /
• v.7 no.5
• /
• pp.81-93
• /
• 2006

Recently, information technology is considered as a basement of management for industries as well as administrations. Especially, government agencies deal with more high sensitive and Important data than other businesses, so, their security managements should be fair and efficient. At present, most government agencies possess and operate their own information security systems, but apply them for the sake of formality only, even do not adapt an audit system for management polices. This paper presents a design and implementation of an automated audit system which is suitable for the operation environment in government agencies, using the audit system based on the BS7799. The. proposed system aims to objectively, numerically and daily control the ISMS (Information Security Management System) for different level of government agencies. In addition, it permits to design and implement an adaptive audit tool, in order to meet a given condition of audit organization and guard the personal relationship between the auditor and its counterpart.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.11-27
• /
• 2012

The purpose of this study was to suggest a guideline for systematic and practical critical success factors of the External IT audit. For this purpose, an integrated conceptual model is developed considers that the service quality, and the IS(Information Systems) success with a contingency viewpoint. The model is tested using 254 data of IS projects which procured the external IT auditing service in public sector of Korea. The results of this study are as follows. First, service quality attributes of responsiveness, reliability, and tangibility have positive influence on IS implementation process quality. Second, the external IT audit quality obviously contributes to IS implementation success considering both IS implementation process quality and IS system quality. However it has positive influence on the process quality directly and the system quality indirectly.

• Journal of Information Technology Services
• /
• v.11 no.4
• /
• pp.39-50
• /
• 2012

With the obligation of information system supervision and an increase in supervision demands, the quality improvement in information system supervision has been of significance, and the supervision system has been enhanced in the way of preventing information systems from being poorly established. In the meantime, recently the supervision industry has received administrative punishment due to violation of supervision guidelines and false reports. As a result, the introduction of the responsible supervision of information systems to strengthen the rights and duties of supervisors and supervision corporations has been discussed by supervision corporations. Therefore, this work was intended to propose success factors to introduce responsible supervision in the information system supervision sector, and thereby contribute to the introduction of responsible supervision system that plays a successful role in preventing poor supervision and establishing information system business. The success factors of the responsible supervision of information systems, proposed in this work, were categorized into legal system, standardization of supervision work, those concerned with supervision. And, detailed success factors of each category were proposed, and on the basis of that, the success model to introduce responsible supervision successfully was proposed.

• Management & Information Systems Review
• /
• v.10
• /
• pp.95-115
• /
• 2002

E.U(Europe Union) and I.S.O(International Standard Organization) have promoted environmental problems from an individual enterprise level to international level. E.U have practiced E.M.A.S(Environment Management Audit Scheme), they have explained environmental information to local residents by an environmental statement and they have introduced verification system by identification person. One year later, I.S.O have published ISO 14000 series by environmental audit in 1996. Modem enterprise must go well with profitability and sociality. Environmental accounting was appeared in order to agree with profitability and sociality. Environmental accounting is to solve environmental problems, to protect natural resources, to measure effect of environment, and to transmit information of environment. Accountability's theory must be based social fairness and systemic legality. We need the accountability in order to system of Environmental accounting. But the conception of environmental accounting and accountability are not defined in our country. Therefore the purpose of this study is to established the relation of environmental accounting and accountability.