• Title/Summary/Keyword: auditing system

Search Result 127, Processing Time 0.019 seconds

Developing the Auditing Methodology and Strategic Planning of Rural Amenity Resources Investigation (농촌어메니티 자원조사감리방법론 개발과 전략계획)

  • Seo, Bo-Hwan
    • Journal of Korean Society of Rural Planning
    • /
    • v.14 no.2
    • /
    • pp.99-110
    • /
    • 2008
  • The purposes of this paper are first, to develop and adapt auditing methodology of rural amenity resource investigation and second, to propose strategic planning of amenity web data base system. Relating with auditing methodology, we make the life cycle of rural amenity resource investigation based on value chain method. we make 8 stage of auditing process and 105 auditing items in details. We adapt these guidelines in real world and then improve developed methodology. Therefore we expect to promote the quality and accuracy of investigation project using these guidelines. Relating with blue print of strategic planning, we first analyse external environment about Competitors, Suppliers, New entrants, Buyers, Substitutes with 5 force model for amenity information system. We second make the blue print of strategic planning of amenity web data base system project. Then we propose the FIRST, BEST, MOST strategy of amenity web data base system and the web hub system.

The Design and Implementation of Test Phase Audit System (테스트 단계 감리시스템 설계 및 구현)

  • Gwon, Dae-Gon;Han, Pan-Am
    • The Transactions of the Korea Information Processing Society
    • /
    • v.7 no.5
    • /
    • pp.1409-1418
    • /
    • 2000
  • Auditing plays a very important role in the process of developing and managing good quality software. The software developing proces should be audited precisely especially in the test phase. Up to the present, because auditing has depended on the auditor's experience of developing and auditing software, it has been impossible to audit objectively. It is limited to audit systematically and objectively because auditing process isn't systematized. In this paper, the auditing model to solve several problems in present auditing is suggested, a test phase audit system is developed, and the system is applied to the actual auditing process. Consequently, software administrators can establish effective software management, software developers can be supported by a highly reliable and quality software development tool, and auditors can be offered an objective audit standard.

  • PDF

Identification of the Major Auditing Elements for the Development of Sewage Management System -Focusing Inchon UIS- (하수도관리시스템 개발시 중점감리항목 도출에 관한 연구 -인천시 사업을 중심으로-)

  • 김계현;민숙주;이우철;장성현
    • Spatial Information Research
    • /
    • v.8 no.2
    • /
    • pp.289-300
    • /
    • 2000
  • The development of a UIS driven by muncipal governments has been expanding through the wide application of GIS since NGIS project initiated. City of Inchon has developed a sewage management system as the first-year product of the long-term UIS project. GIS auditing process has been adopted to secure the credibility and stability, and to minimize the critical failure factors for building the sewage management system. So far, the auditing method generally used for developing information system in general purposes has been applied to the GIS field due to the absence of proper method for GIS auditing only. This study proposes major differentials in terms of the auditing between GIS and general information system based on the results from auditing Inchon´s sewage management system. The major results from this study would contribute to the establishment of the methodology and accompanying documents for the proper GIS auditing.

  • PDF

A Study on the Development of Performance Audit Model Using the System Dynamics (시스템다이내믹스 기법을 이용한 공공정책 성과감사 모형개발에 관한 연구)

  • Choi, Nam-Hee
    • Korean System Dynamics Review
    • /
    • v.12 no.3
    • /
    • pp.25-46
    • /
    • 2011
  • Recently, performance auditing system of governmen is carried out as most promising framework of government audit. Performance audit by the Board of Audit and Inspection of Korea involves assessing the causes and effects of government policies, programs, and Institutions with the criteria of economy, efficiency, effectiveness. Performance auditing will contribute to strengthening the values of objective assessments of whether public resources are responsibly and effectively managed to achieve intended results. Nevertheless, there seems to be a problems appears in implementation of audit. That is the problems of tendency return to legitimacy audit which is result from the lack of strong approach and methodology. So, this study purpose to developing stronger audit concepts and methods that add to the process and framework of traditional performance auditing system. First, this study evaluates the limitation of current performance auditing system with the perspective of systems thinking. Second, this study analyzes the process and method of current system and develop the conceptual model of the Dynamics Audit System using the system dynamics methodology, which focused on the appropriate auditing process and framework.

  • PDF

A Study on Optimal Auditing Under the Living Wage System (생계급여하에서의 최적 소득조사)

  • Yoo, Hanwook
    • KDI Journal of Economic Policy
    • /
    • v.31 no.1
    • /
    • pp.207-237
    • /
    • 2009
  • One of the main problems in Korea's public assistance program, the NBLS (National Basic Livelihood Security), is that the loophole of welfare system is continuously growing. Living wage program is the largest sub-program of the NBLS, and the most important determinant of amount of living wage for each beneficiary is the level of reported income. Therefore, accurate and effective income detection is essential in improving policy effects and furthermore reducing the leakage of wage expenditure as beneficiaries always have an incentive to underreport their income. Since most of them do not pay income tax, the welfare authority should exert an independent effort to effectively detect their income. Considering that living wage is a special kind of income tax of which marginal tax rate is -1, one can apply a classical theory of tax evasion to understand illegal or excessive receipt of living wage caused by income underreporting. Utilizing a classical theory given by Alingham and Sandmo (1972), this paper provides a theoretical analysis of the optimal income reporting of the beneficiary. Then an optimization problem is constructed from the government's viewpoint to derive optimal income detecting device (auditing). This paper proves that cut-off discriminated auditing outperforms random auditing and cut-off auditing which implies if the government assigns a positive audit probability to every reported income less than a certain level and the probability is inversely proportional to the level of reported income, it can minimize underreporting and then gradually reduce the leakage of wage expenditure.

  • PDF

A Study on the Quality Improvement of Information System Auditing for Agile Methodology (애자일 방법론을 적용한 정보시스템의 감리 품질 향상에 관한 연구)

  • Park, Dong-Ah;Park, Man-Gon
    • Journal of Korea Multimedia Society
    • /
    • v.20 no.4
    • /
    • pp.660-670
    • /
    • 2017
  • In case of auditing of the information system development project applying agile methodology, it is not appropriate to carry out a comprehensive check on the establishment of information system with only the existing check on software. This study considers the characteristics of the agile methodology in terms of Information System Auditing. To improve inspection quality of development project with agile methodology by deriving detailed check items of test activities at each stage, this study proposes a strategy to improve the check on software for the test activities of the supervisory model that is suitable for agile methodology, which emphasizes repetitive work.

Information security auditing Framework in Industrial control system (산업제어시스템 정보보안 감리 프레임워크 연구)

  • Lee, Chul-Soo
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.1
    • /
    • pp.139-148
    • /
    • 2008
  • Information technology have led to change the automation of large industrial control system as well as business system and environments. Industrial control system(ICS) is vital components of most nation's critical infrastructures such as electricity, natural gas, water, waste treatment, transportation and communication that are based of national security, safety of citizen and development of national economy According to the change of business environment, organizational management pushed integration all of the system include MIS and ICS. This situation led to use standard information technologies for ICS, this transition has been to expose ICS to the same vulnerabilities and threats that plague business system. Recently government obliged owners of the public information system to audit for safety, efficiency and effectiveness, and also obliged the owners of national infrastructure to improve their system security as a result of vulnerability analysis. But there doesn't prepare a security architecture and information security auditing framework of ICS fur auditing. In this paper, I suggested the security architecture and information security auditing framework for ICS in order to prepare the base of industrial system security auditing.

Applying a Quantitative Model on Information System Security Audit Evaluation for Improving Auditing Quality (정보시스템 감리품질향상을 위한 보안감리평가에의 정량화모델 적용 연구)

  • 김동수;김현수
    • Journal of Information Technology Applications and Management
    • /
    • v.11 no.2
    • /
    • pp.45-64
    • /
    • 2004
  • Many researchers have proved that information systems auditing is a very effective tool for improving information systems quality. However, information system auditing in Korea still includes many subjective judgements. This study deals with applying a quantitative model to improve information system auditing quality on security domain. First of all, we have looked at previous researches on information systems audit, especially on security audit. Based on this survey, we have come up with solutions to improve the evaluation efficiency on security audit. We have merged the security audit guidelines of NCA and KISA, and developed a quantified evaluation scheme. We have proved the validity of this model by interviews with experts and by case studies.

  • PDF

Penetration Testing and Network Auditing: Linux

  • Stiawan, Deris;Idris, Mohd. Yazid;Abdullah, Abdul Hanan
    • Journal of Information Processing Systems
    • /
    • v.11 no.1
    • /
    • pp.104-115
    • /
    • 2015
  • Along with the evolution of Internet and its new emerging services, the quantity and impact of attacks have been continuously increasing. Currently, the technical capability to attack has tended to decrease. On the contrary, performances of hacking tools are evolving, growing, simple, comprehensive, and accessible to the public. In this work, network penetration testing and auditing of the Redhat operating system (OS) are highlighted as one of the most popular OS for Internet applications. Some types of attacks are from a different side and new attack method have been attempted, such as: scanning for reconnaissance, guessing the password, gaining privileged access, and flooding the victim machine to decrease availability. Some analyses in network auditing and forensic from victim server are also presented in this paper. Our proposed system aims confirmed as hackable or not and we expect for it to be used as a reference for practitioners to protect their systems from cyber-attacks.

Efficient and Secure Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy

  • Yu, Haiyang;Cai, Yongquan;Kong, Shanshan;Ning, Zhenhu;Xue, Fei;Zhong, Han
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.10
    • /
    • pp.5039-5061
    • /
    • 2017
  • Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.