• Title, Summary, Keyword: Audit Model

Search Result 168, Processing Time 0.035 seconds

An Audit Model for Information Protection in Smartwork (스마트워크 기반의 정보보호 감리 모형)

  • Han, Ki-Joon;Kim, Dong-Soo;Kim, Hee-Wan
    • Journal of Digital Convergence
    • /
    • v.12 no.1
    • /
    • pp.229-239
    • /
    • 2014
  • Smartwork technology, using teleworking, smartwork centers and mobile terminal, provides a flexible work environments without constraints of time and space. Smartwork system to increase the work efficiency has the information protection threats according to their convenience. Thus, in order to build smartwork, it is proper to provide information protection audit to help ensure the information protection. In this paper, we have proposed an infortaion protection audit model at the practical and technical level for building a smartwork environment. We were classified as a terminal, network and server area for information protection, and derived a professional information protection check items. Further, by establishing a smartwork information protection audit time to map ISMS control items, we have proposed an audit model so that it is possible to improve the security and efficiency. It also verified whether the proposed model is suitable or not by doing a survey if deduced audit domain and check items correspond with the purpose of the smartwork information protection audit to auditors and IT specialists. As the result, this study was 97% satisfaction out of 13 check items.

Design on Fixed Quantity Analytical Model for Information System Audit based on Requirements (요구사항 기반 정보시스템 감리의 정량화 분석 모델 설계)

  • Kim, Hee-Wan;Kim, Hun-Kyeom;Koh, Chan;Kim, Dong-Soo
    • Journal of Digital Convergence
    • /
    • v.9 no.5
    • /
    • pp.141-156
    • /
    • 2011
  • Auditors' subjective opinions m audit activities weaken reliability in audit judgments. This paper suggests fixed quantity models through requirement priority for improving objective evaluation and priorities of requirements in information system audit. The value of requirements was evaluated based on customers' requirements with a premise that they are not in the same level. Furthermore, the audit objective judgments were enhanced to enable fixed quantity of subjective audit by subdividing detailed evaluation index of requirement priority standards into importance of service and function on orderers' perspective, and sectioning cost and schedule on contractors' perspective.

THE RELATIONSHIP BETWEEN THE INFLUENCE FACTORS AND THE AUDITOR′S USE OF EDP AUDIT TECHNIQUES IN KOREAN ACCOUNTING FIRMS

  • Choe, Jong-Min
    • Management Science and Financial Engineering
    • /
    • v.3 no.2
    • /
    • pp.45-70
    • /
    • 1997
  • The objectives of this study are to suggest and empirically prove the relationship model for investigating influence factors on the use of EDP audit techniques, and to identify moderating effects of the task types of EDP audit on the relationships between the influence factors and the use of EDP audit techniques. The results of the empirical test suggested that there are significant (positive or negative) correlations between the use of some EDP audit techniques and the influence factors, such as audit education, auditor's familiarity and age, and effectiveness of the technique, etc. The significant differences in the use of EDP audit techniques were empirically proved in the ratio of audit fees and the audit structure. It was also proved that the relationships between the use of techniques and the influence factors are different according to the task types of EDP audit. This study proposed the technique and the auditor related implications of these findings for the successful fulfilment of EDP audit.

  • PDF

A Study on Behavioral Intention and Application of Information Systems Audit technology Using the Technology Acceptance Model (TAM) (기술수용모델 (TAM)을 이용한 정보시스템 감리기술의 사용의도 수준이 활용에 미치는 영향에 관한 연구)

  • Jeon, Soon-Cheon
    • The Journal of Advanced Navigation Technology
    • /
    • v.18 no.6
    • /
    • pp.609-618
    • /
    • 2014
  • Information system audit, by checking overall matters about constructing and managing information system, has to contribute to improvement of information system's quality and improving performance of projects. For this, an auditor has to present objective corroborative facts which back up result of audit and ways of improvement, but in reality, general(especially businessmen's) cognition is that audit is biased by way too subjective opinions. Local experience and theoretical research until now propose that tools of automating audit will be an active means of systematically collecting and proposing these objective evidences of audit. This research not only verified that in the field of audit, phenomenon of technology application can be explained and predicted by applying TAM, but it also contributed in extending theoretical base on information technology and audit by distinguishing several characteristics which appear in the process of the model's application and analysis.

Existing Building Energy Simulation Method Using Calibrated Model by Energy Audit Data (성능진단 데이터로 보정된 모델을 이용한 기존건축물의 에너지시뮬레이션 기법)

  • Kong, Dong-Seok;Kim, Du-Hwan;Chang, Yong-Sung;Huh, Jung-Ho
    • Korean Journal of Air-Conditioning and Refrigeration Engineering
    • /
    • v.26 no.5
    • /
    • pp.231-239
    • /
    • 2014
  • This paper represents a method of existing building energy simulation using energy audit data. Energy audit must be carried out for reasonable analysis, because characteristics of existing buildings such as efficiency of fan, pump, flow rate, pressure, COP and operating schedule could be changed during the building operation. These building characteristics should be measured to estimate actual energy consumption of the existing building. In this study, we conducted energy audit and calculated energy savings for a 7-stories building as a case-study. The energy audit data were used to calibrate the building model of EnergyPlus simulation. Baseline model validated according to M&V guideline index. As a result, building characteristics are significant parameters making a big impact on energy savings in existing buildings.

The audit and control of real time distributed data base system (RTDDB 시스템에서의 감사 및 통제)

  • 배청홍
    • Journal of the Society of Korea Industrial and Systems Engineering
    • /
    • v.12 no.19
    • /
    • pp.89-98
    • /
    • 1989
  • This research addresses the most sophisticated level of complexity of current electronic data processing(EDP) technology realtime, distributed data base(DDB) system. The major objective is to develop guidelines for the control and audit of these sophisticated system, since the control and audit philosophies, control features, and audit techniques applicable to traditional EDP systems are no longer fully appropriate for, or relevant to, these stat-of-art systems. An attempt is made to develop an internally consistent audit and control Conceptual Framework summarizing and integrating the material developed in this research, which then leads into the analysis of the control and audit model.

  • PDF

Internal Control Risk Assessment System Using CRAS-CBR

  • Hwang, Sung-Sik;Taeksoo Shin;Ingoo Han
    • Proceedings of the Korea Inteligent Information System Society Conference
    • /
    • /
    • pp.338-346
    • /
    • 2003
  • Information Technology (IT) and the internet have been major drivers the changes in all aspects of the business processes and activities. They have brought major changes to the financial statements audit environment as well, which in turn has required modifications in audit procedures. There exist, however, certain difficulties with current audit procedures especially for the assessment of the level of control risk. This assessment is primarily based on the auditors' professional judgment and experiences, not based on the objective hies or criteria. To overcome these difficulties, this paper proposes a prototype decision support model named CRAS-CBR using case based reasoning (CBR) to support auditors in making their professional judgment on the assessment of the level of control risk of the general accounting system in the manufacturing industry. To validate the performance, we compare our proposed model with benchmark performances in terms of classification accuracy for the level of control risk. Our experimental results showed CRAS-CBR outperforms a statistical model (MDA) and staff auditor performance in average hit ratio.

  • PDF

A Study on the Agile-based Information System Audit Model (애자일에 기반한 정보시스템 감리 모델에 관한 연구)

  • Kim, Dong Hyup;Chan, Koh;Kim, Dong Soo;Kim, Hee Wan
    • Journal of Digital Convergence
    • /
    • v.11 no.8
    • /
    • pp.95-108
    • /
    • 2013
  • Agile development methods regards an interaction among software developers, operating softwares, and cooperation with customers as its main value. Most of the developing processes undergo a procedure called tailoring to meet the relevant project. Yet, in reality, projects run in disorder due to their overlap with other methods and management processes. As a result, the advantages of agile process cannot be fully used. So, the information system audit has an important role to detect these problems and improve the qualities of agile application projects. Also, researches should be conducted on Agile-based Iformation System Audit Model in order to enhance the effectiveness of agile projects. This paper suggests a model for an information system audit that applied agile developing methods. This model proposes audit domains and check lists for agile-based information system. In order to verify the suitability of the suggested model, more than 89.3% of the checklists were verified as suitable in all domains.

A Study on Applied Orientations of Management Science Technique in Police Audit Planning Process (경찰감사 기획과정시 관리과학기법 응용방안)

  • Kim, Jeong-Heon;Song, Keon-Sup
    • Korean Security Journal
    • /
    • no.5
    • /
    • pp.109-130
    • /
    • 2002
  • As proceeding Munmin and Kukmin's government, it is to bring in regionalism of genernal public administration and police administration, specialization, efficiency issue, demand inventing of audit technique to meet this trends. Especially, according to supporting qualitative improvement of the audit, its environment faced that orienting performance audit emphasis on not the legality but the efficiency more systematic and scientific theory or technique. In order to attain police audit's efficiency through performance audit, this study discussed that scientific management techniques should be applied police audit. Accordingly, the primary purpose of this study is to apply public audit to scientific management technique, bring to light limits in public sector(especially, police sector). To be efficiency audit(namely, performance audit), 1) OR techniques are explained linear programming, network modeling, PERT/CPM, queuing matrix model, simulation, 2) Statistical analysis methods are argued delphi technique, data envelopment analysis(DEA), analytic hierarchical process(AHP), time series analysis models etc.

  • PDF

A Design of University Information System Operation Audit Model based on ITIL V3

  • Kim, Hee-Wan;Kang, Bo-Ra;Kim, Dong-Soo;Moon, Song-Chul
    • Journal of Information Technology Applications and Management
    • /
    • v.25 no.3
    • /
    • pp.29-41
    • /
    • 2018
  • The purpose of constructing university information system is for improvement in diversification and throughput of information, streamlines business processes, rapid exchange of information, sharing of information, decision-making information, and securing educational facilities. Similar to business information technology system, university information system does not have a review system for sharing and overlapping investment of information. Due to the lack of project management for outsourcing and vulnerability of system suitability, system audit is absolutely needed for the university information system. This paper especially focuses on an operational phase in the audit of university information system. Additionally, we proposed operating model and checklists of the university information system based on Management Guidelines of ITIL V3 Operational and Information System. We derived the checklists of operation audit by each domain of service strategy, service design, service transition, service operation, and continual service improvement. As the result, this study appear to have more than average satisfaction the suitability results were.