• 정보기술과데이타베이스저널
• /
• 제8권1호
• /
• pp.67-80
• /
• 2001

Information Systems (IS) auditing has been know to be helpful in developing optimal IS and managing information resources successfully. The public sector of Korea has witnessed the rapidly growing demand for IS auditing. However, there is a dearth of research that evaluate the effects of IS auditing. This study assesses the impacts of IS auditing based on a process perspective. In order to evaluate the effects objectively and properly, the current study collected empirical data from 58 firms. This stuuy confirmed that IS auditing was a very effective tool for successful IS implementation. The results show that IS auditing improves “project management”, “support”, and “engineering” practices while it does not make any impact on “contract” practice. In general, IS auditing has a tremendous impact on facilitating organization’quality improvement efforts.

• 정보보호학회논문지
• /
• 제25권1호
• /
• pp.75-82
• /
• 2015

최근 클라우드에 원격 저장된 데이터의 무결성 검증을 위해 제 3의 감사자에게 감사 임무를 위탁할 수 있는 다양한 공공 감사 기법이 제안되었으며, 검증 효율성을 높이기 위해 위탁받은 다중 감사 임무를 한 번에 수행할 수 있는 일괄 감사 기법 또한 제안되었다. 하지만 하나의 데이터라도 손상된 경우 일괄 감사의 검증은 실패하게 되고 포함된 모든 감사 임무를 다시 개별적으로 수행해야 한다는 문제점을 가진다. 일괄 감사는 여러 사용자의 데이터 인증자들이 복잡하게 합쳐져 있으므로 일괄 감사가 실패하는 경우 손상된 데이터를 식별하는 것은 매우 어려운 문제이다. 본 논문에서는 프라이버시 보존 가능한 공공 감사 기법인 Wang 등의 기법을 다중 클라우드의 다중 사용자에 대한 일괄 감사가 가능하도록 확장하고, 다중 클라우드 중에서 단일 클라우드의 데이터만 손상된 경우 해당 클라우드를 식별할 수 있는 기법을 제안한다.

• The Journal of Asian Finance, Economics and Business
• /
• 제7권9호
• /
• pp.583-591
• /
• 2020

In recent years, the quality of auditing human resources in domestic auditing firms in Hanoi has certain limitations in which professional skills of auditors have not been given adequate attention. The number of customers at local auditing firms is forecast to increase gradually. Therefore, the quantity and quality of auditors need to be improved to meet requirements of the workload. Data for this research were collected through surveying 120 customers of domestic auditing firms in Hanoi on the 5-point Likert scale. Based on the collected data, we employ both qualitative and quantitative methodology along with some tools such as descriptive statistics, Cronbach's Alpha, T-test and ANOVA to analysis, evaluate and measure the professional skills of auditors in local auditing firms in Hanoi. The results show that the professional skills of auditors in auditing firms include 17 attributes. The majority of respondents show appreciation for the professionalism and professional competence of auditors, while, they think that critical thinking skills and creative thinking skills are still limited and need to be improved. These findings, not only help auditors to improve themselves, but also provide solutions for managers of domestic auditing firms in Hanoi to enhance quality of audited human resources.

• KDI Journal of Economic Policy
• /
• 제31권1호
• /
• pp.207-237
• /
• 2009

본 논문은 전통적인 탈세이론 및 세무조사이론을 활용하여 우리나라 국민기초생활보장제도의 주요 정책수단인 생계급여하에서의 소득탈루(부정수급)와 정책당국 입장에서의 최적 소득조사전략에 대한 이론 분석을 시도하고, 이를 통해 소득파악 제고를 위한 정책적 시사점을 도출하는 것을 목적으로 한다. 생계급여의 누수는 최저생계비 부근의 소득자들을 중심으로 소득탈루가 집중됨으로써 발생하는데, 임의조사(random auditing), 차단조사(cut-off auditing), 차별조사 등의 소득조사전략별 비교분석을 통해, 일정 수준 이하의 신고소득에 대하여 신고소득 수준에 반비례하는 조사확률을 적용하는 차단식(cut-off) 차별조사전략을 적용하는 것이 소득파악률 제고 및 급여누수 최소화를 위해 가장 바람직함을 입증하였다.

• 한국정보처리학회논문지
• /
• 제7권5호
• /
• pp.1409-1418
• /
• 2000

Auditing plays a very important role in the process of developing and managing good quality software. The software developing proces should be audited precisely especially in the test phase. Up to the present, because auditing has depended on the auditor's experience of developing and auditing software, it has been impossible to audit objectively. It is limited to audit systematically and objectively because auditing process isn't systematized. In this paper, the auditing model to solve several problems in present auditing is suggested, a test phase audit system is developed, and the system is applied to the actual auditing process. Consequently, software administrators can establish effective software management, software developers can be supported by a highly reliable and quality software development tool, and auditors can be offered an objective audit standard.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권4호
• /
• pp.2198-2222
• /
• 2019

The cloud storage service becomes a rising trend based on the cloud computing, which promotes the remote data integrity auditing a hot topic. Some research can audit the integrity and correctness of user data and solve the problem of user privacy leakage. However, these schemes cannot use fewer data blocks to achieve better auditing results. In this paper, we figure out that the random sampling used in most auditing schemes is not well apply to the problem of cloud service provider (CSP) deleting the data that users rarely use, and we adopt the probability proportionate to size sampling (PPS) to handle such situation. A new scheme named improving audit efficiency of remote data for cloud storage is designed. The proposed scheme supports the public auditing with fewer data blocks and constrains the server's malicious behavior to extend the auditing cycle. Compared with the relevant schemes, the experimental results show that the proposed scheme is more effective.

• 대한안전경영과학회:학술대회논문집
• /
• 대한안전경영과학회 2006년도 춘계공동학술대회
• /
• pp.323-330
• /
• 2006

This paper is to introduce guidelines for integrated systems auditing. International standards such as ISO 19011, ISO 9001 and ISO 14001 are considered. This study is to discuss guidelines for quality and environmental management systems auditing and requirement with guidance for use.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제13권2호
• /
• pp.1043-1063
• /
• 2019

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

• 농촌계획
• /
• 제14권2호
• /
• pp.99-110
• /
• 2008

The purposes of this paper are first, to develop and adapt auditing methodology of rural amenity resource investigation and second, to propose strategic planning of amenity web data base system. Relating with auditing methodology, we make the life cycle of rural amenity resource investigation based on value chain method. we make 8 stage of auditing process and 105 auditing items in details. We adapt these guidelines in real world and then improve developed methodology. Therefore we expect to promote the quality and accuracy of investigation project using these guidelines. Relating with blue print of strategic planning, we first analyse external environment about Competitors, Suppliers, New entrants, Buyers, Substitutes with 5 force model for amenity information system. We second make the blue print of strategic planning of amenity web data base system project. Then we propose the FIRST, BEST, MOST strategy of amenity web data base system and the web hub system.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권10호
• /
• pp.5039-5061
• /
• 2017

Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.