• Korean System Dynamics Review
• /
• v.12 no.3
• /
• pp.25-46
• /
• 2011

Recently, performance auditing system of governmen is carried out as most promising framework of government audit. Performance audit by the Board of Audit and Inspection of Korea involves assessing the causes and effects of government policies, programs, and Institutions with the criteria of economy, efficiency, effectiveness. Performance auditing will contribute to strengthening the values of objective assessments of whether public resources are responsibly and effectively managed to achieve intended results. Nevertheless, there seems to be a problems appears in implementation of audit. That is the problems of tendency return to legitimacy audit which is result from the lack of strong approach and methodology. So, this study purpose to developing stronger audit concepts and methods that add to the process and framework of traditional performance auditing system. First, this study evaluates the limitation of current performance auditing system with the perspective of systems thinking. Second, this study analyzes the process and method of current system and develop the conceptual model of the Dynamics Audit System using the system dynamics methodology, which focused on the appropriate auditing process and framework.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.139-148
• /
• 2008

Information technology have led to change the automation of large industrial control system as well as business system and environments. Industrial control system(ICS) is vital components of most nation's critical infrastructures such as electricity, natural gas, water, waste treatment, transportation and communication that are based of national security, safety of citizen and development of national economy According to the change of business environment, organizational management pushed integration all of the system include MIS and ICS. This situation led to use standard information technologies for ICS, this transition has been to expose ICS to the same vulnerabilities and threats that plague business system. Recently government obliged owners of the public information system to audit for safety, efficiency and effectiveness, and also obliged the owners of national infrastructure to improve their system security as a result of vulnerability analysis. But there doesn't prepare a security architecture and information security auditing framework of ICS fur auditing. In this paper, I suggested the security architecture and information security auditing framework for ICS in order to prepare the base of industrial system security auditing.

• The Journal of Industrial Distribution & Business
• /
• v.6 no.1
• /
• pp.37-40
• /
• 2015

Purpose - Investors, creditors, governments, and others make decisions using reasonable information provided by others. In many cases, the users of this information have goals and objectives conflicting with those of the information's producers, indicating the need for external auditors. Research design, data, and methodology - Competition in auditing has noticeably intensified globally, especially in developed countries. This means that auditors are striving to increase the efficiency of their methods. In recent years, risk-based auditing has become prominent among these efforts. In risk-assessment auditing, the auditor may directly affect the effectiveness and efficiency of the audit. Results - As a central framework, the risk assessment process improves audit quality and effectiveness such that the audit will lead to necessary changes. Previous studies have shown that risk assessment affects the nature, timing, and content of audit procedures. Conclusions - In the planning stage of an audit, audit risk assessment may identify any inappropriate or inefficient distribution of resources or determine whether the results of an audit will be ineffective or incorrect. Thus, assessing audit risk is a critical task.

• Information Systems Review
• /
• v.8 no.1
• /
• pp.223-239
• /
• 2006

In digital economy, information systems are recognized as the most critical survival factor of companies. Companies must launch and expand business based on information systems either developed newly or adopted as ERP. However, successful information systems operation shall face many realistic problems. Especially most small and medium enterprises experience many difficulties in systems operation or even give up operating information systems due to unexpected operational problems. This paper suggests a framework for effective information systems operation for small and medium enterprises. The framework is designed through case studies, consisting of service framework, auditing framework, and risk management framework. It is expected that the framework contributes to successful information systems operation in small and medium enterprises.

• Journal of Service Research and Studies
• /
• v.7 no.3
• /
• pp.21-36
• /
• 2017

Recently in information business, managing and auditing are getting more difficult because of enlargement, intellectualization and convergence. In addition, ordering organizations have been having a difficult time choosing a service because not only there is a huge overlap between information audit system and PMO but also the work boundaries of those two are not clear enough. As the demand that a business managing and auditing frame work need to be more developed in terms of independence, quality, economic feasibility and responsibility has been increased, the Korea Association Of Information Systems Audit has been attempting to improve business management and audit system by proposing Unified Project Management Framework whose process is approximately constructed. This study introduces Unified Project Management Framework which is all-encompassing from the ordering at the very beginning of business to the operating in the post-processing step and then verifies its work scope through a comparative analysis with existing management systems. Also, this thesis examines the necessity of unification of audit system and PMO by analysing existing similar systems. At the end, this study, analyses the suitability of Unified Project Management Framework by evaluating it with IT goal frame of COBIT5 which is constructed based on BSC performance management index. The result of the analysis is expected to help people in charge understanding the features of Unified Project Management Framework before they apply it to practical business.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.6 no.2
• /
• pp.233-245
• /
• 2010

This paper proposes security architecture, security audit framework, and audit check item. These are based on the security requirement that has been researched in the information system audit. The proposed information security architecture is built in a way that it could defend a cyber attack. According to its life cycle, it considers a security service and security control that is required by the information system. It is mapped in a way that it can control the security technology and security environment. As a result, an audit framework of the information system is presented based on the security requirement and security architecture. The standard checkpoints of security audit are of the highest level. It was applied to the system introduction for the next generation of D stock and D life insurance company. Also, it was applied to the human resources information system of K institution and was verified. Before applying to institutions, system developers and administrators were educated about their awareness about security so that they can follow guidelines of a developer security. As a result, the systemic security problems were decreased by more than eighty percent.

• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.2
• /
• pp.43-52
• /
• 2020

The paper investigates the mechanism through which corporate credit ratings affect dividend payments by decomposing the mean difference of dividends into a part that is explained by the determinants of dividends and a residual part that is contributed by the pure credit group effect, in the framework of the traditional dividend model of Fama and French (2001). Historically, better credit rated firms have shown consistently higher propensity to pay dividends especially during the economic crisis period. According to the counter-factual decomposition technique of Jann (2008), better rated firms are more responsive to the firm characteristics that have positive impact on dividends and poor rated firms are more responsive to the negative dividend predictors. As a result, good (bad) credit ratings make corporate managers become more bold (timid) in their dividend payments and they tend to pay more (less) dividends than what their firm characteristics prescribe. The degree of information asymmetry increases for the poor group firms during crisis periods and they attempt to reserve more cash in preparation for future investments. The decomposition results suggest that the credit group effect can potentially exceed the effect of firm characteristics because firms of different credit ratings can respond to the very same firm characteristics in a different manner.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.12
• /
• pp.183-189
• /
• 2021

Transfer pricing is a matter of concern for countries. It affects the interests of the parties involved in the commercial transaction. Through manipulation of prices in transactions, businesses take advantage of tax rates in a country to adjust profits for economic gain. This affects the fairness and rationality of economic transactions between related parties. The article uses a two-year time series from 2018 to 2019 of 50 foreign direct investment enterprises in Vietnam. The article uses ordinary least squares to test the hypotheses of the research model. The article uses four independent variables related to ownership structure affecting transfer pricing decisions including total ownership, organization ownership, concentration ownership, and area ownership. Research results show that two variables have a positive influence on transfer pricing decisions including total ownership and organization ownership. Organization ownership has a higher degree of influence than total ownership. To be able to control transaction activities related to transfer pricing, Vietnam's state management agencies need to pay attention to perfecting the legal framework based on supplementing and amending regulations related to transfer pricing. Legal regulations need to be regulated based on international common practices to ensure uniformity on a global scale.

• Journal of Information Technology Services
• /
• v.5 no.3
• /
• pp.121-135
• /
• 2006

With the growth and maturation of IT industry, the necessity of audit about development, maintenance and management of high-quality information system is gradually increasing. In addition, the necessity of inner auditing system, which could totally verify and evaluate the effectiveness of project according to the characteristics of organization conducting information-oriented business, also being proposed. Government offices including Korea Institute of Science and Technology(KISTI) collectively controlling nationwide science-technology related information have no guiding principle or organization within themselves even though performing information-oriented businesses are becoming more bigger and complicated. In this paper, we propose scheme for devising framework, which can audit construction and operation of knowledge information, check list and guideline. In addition, we present concrete ways for adapting these schemes to institutes which manage science-technology knowledge information. Audit framework consists of points of time in audit, audit domain and audit criterion. Points of time in audit are defined as three phases as followings: pre-audit, in-progress audit and post-audit. Audit domain includes 16 detail audit domains and especially we set 11 check items and 40 detail investigation items for database implementation business. We expect that management level of science-technology implementation business of organizations using this research result will increase and they could offer high-quality information service.

• Asia pacific journal of information systems
• /
• v.24 no.4
• /
• pp.417-441
• /
• 2014

Organizations need to exhibit characteristics of agility to stay ahead of their competitors and to survive in dynamic environments. One major concern for organizations is how to implement Information Systems (ISs) to enhance their agility. Organizations tend to spend too many resources to change their entire IS instead of only the components that cause problems without exactly knowing whether it enables or suppress organizational agility. To address these shortcomings and practical issues, we provide a framework to assess organizational agility and to diagnose a problem related to IS. By applying this prototype of the Agility Framework, we were able to diagnose a problem that the department of Management Control and Information Systems at the Universidad de Chile had and planned actions for them to improve its organizational agility with a course scheduling system, eClasSkeduler. This action research, which took more than 25-month for the first cycle, further develops the Agility Framework, which not only provides a way to link IS with organizational functions but also illustrates how to use it to diagnose a situation and plan actions for improving organizational agility through an information system.