• Title, Summary, Keyword: auditing

Search Result 238, Processing Time 0.042 seconds

Perceived Effects of IS Auditing on Software Development Process (소프트웨어 개발 프로세스 관점에서 본 감리의 인지된 효과성 분석)

  • 정승렬;이재정
    • The Journal of Information Technology and Database
    • /
    • v.8 no.1
    • /
    • pp.67-80
    • /
    • 2001
  • Information Systems (IS) auditing has been know to be helpful in developing optimal IS and managing information resources successfully. The public sector of Korea has witnessed the rapidly growing demand for IS auditing. However, there is a dearth of research that evaluate the effects of IS auditing. This study assesses the impacts of IS auditing based on a process perspective. In order to evaluate the effects objectively and properly, the current study collected empirical data from 58 firms. This stuuy confirmed that IS auditing was a very effective tool for successful IS implementation. The results show that IS auditing improves “project management”, “support”, and “engineering” practices while it does not make any impact on “contract” practice. In general, IS auditing has a tremendous impact on facilitating organization’quality improvement efforts.

  • PDF

A Study on Batch Auditing with Identification of Corrupted Cloud Storage in Multi-Cloud Environments (손상 클라우드 식별 가능한 다중 클라우드 일괄 감사 기법에 관한 연구)

  • Shin, Sooyeon;Kwon, Taekyoung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.1
    • /
    • pp.75-82
    • /
    • 2015
  • Recently, many public auditing schemes have been proposed to support public auditability that enables a third party auditor to verify the integrity of data stored in the remote cloud server. To improve the performance of the auditor, several public auditing schemes support batch auditing which allows the auditor to handle simultaneously multiple auditing delegations from different users. However, when even one data is corrupted, the batch auditing will fail and individual and repeated auditing processes will be required. It is difficult to identify the corrupted data from the proof in which distinct data blocks and authenticators of distinct users are intricately aggregated. In this paper, we extend a public auditing scheme of Wang et al. to support batch auditing for multi-cloud and multi-user. We propose an identification scheme of the corrupted cloud when the data of a single cloud is corrupted in the batch auditing of multi-cloud and multi-user.

Efficient and Secure Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy

  • Yu, Haiyang;Cai, Yongquan;Kong, Shanshan;Ning, Zhenhu;Xue, Fei;Zhong, Han
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.10
    • /
    • pp.5039-5061
    • /
    • 2017
  • Cloud storage becomes a new trend that more and more users move their data to cloud storage servers (CSSs). To ensure the security of cloud storage, many cloud auditing schemes are proposed to check the integrity of users' cloud data. However, most of them are based on public key infrastructure, which leads to complex certificates management and verification. Besides, most existing auditing schemes are inefficient when user uploads a large amount of data or a third party auditor (TPA) performs auditing for multiple users' data on different CSSs. To overcome these problems, in this paper, we propose an efficient and secure auditing scheme based on identity-based cryptography. To relieve user's computation burden, we introduce a proxy, which is delegated to generate and upload homomorphic verifiable tags for user. We extend our auditing scheme to support auditing for dynamic data operations. We further extend it to support batch auditing in multiple users and multiple CSSs setting, which is practical and efficient in large scale cloud storage system. Extensive security analysis shows that our scheme is provably secure in random oracle model. Performance analysis demonstrates that our scheme is highly efficient, especially reducing the computation cost of proxy and TPA.

Evaluation of Auditors' Professional Skills in Local Auditing Firms in Hanoi

  • NGUYEN, Thi Hanh Duyen;LE, Van Luyen;HAU, Nguyen Van;DO, Duc Tai;THAO, Nguyen Thi Thu
    • The Journal of Asian Finance, Economics, and Business
    • /
    • v.7 no.9
    • /
    • pp.583-591
    • /
    • 2020
  • In recent years, the quality of auditing human resources in domestic auditing firms in Hanoi has certain limitations in which professional skills of auditors have not been given adequate attention. The number of customers at local auditing firms is forecast to increase gradually. Therefore, the quantity and quality of auditors need to be improved to meet requirements of the workload. Data for this research were collected through surveying 120 customers of domestic auditing firms in Hanoi on the 5-point Likert scale. Based on the collected data, we employ both qualitative and quantitative methodology along with some tools such as descriptive statistics, Cronbach's Alpha, T-test and ANOVA to analysis, evaluate and measure the professional skills of auditors in local auditing firms in Hanoi. The results show that the professional skills of auditors in auditing firms include 17 attributes. The majority of respondents show appreciation for the professionalism and professional competence of auditors, while, they think that critical thinking skills and creative thinking skills are still limited and need to be improved. These findings, not only help auditors to improve themselves, but also provide solutions for managers of domestic auditing firms in Hanoi to enhance quality of audited human resources.

A Study on Optimal Auditing Under the Living Wage System (생계급여하에서의 최적 소득조사)

  • Yoo, Hanwook
    • KDI Journal of Economic Policy
    • /
    • v.31 no.1
    • /
    • pp.207-237
    • /
    • 2009
  • One of the main problems in Korea's public assistance program, the NBLS (National Basic Livelihood Security), is that the loophole of welfare system is continuously growing. Living wage program is the largest sub-program of the NBLS, and the most important determinant of amount of living wage for each beneficiary is the level of reported income. Therefore, accurate and effective income detection is essential in improving policy effects and furthermore reducing the leakage of wage expenditure as beneficiaries always have an incentive to underreport their income. Since most of them do not pay income tax, the welfare authority should exert an independent effort to effectively detect their income. Considering that living wage is a special kind of income tax of which marginal tax rate is -1, one can apply a classical theory of tax evasion to understand illegal or excessive receipt of living wage caused by income underreporting. Utilizing a classical theory given by Alingham and Sandmo (1972), this paper provides a theoretical analysis of the optimal income reporting of the beneficiary. Then an optimization problem is constructed from the government's viewpoint to derive optimal income detecting device (auditing). This paper proves that cut-off discriminated auditing outperforms random auditing and cut-off auditing which implies if the government assigns a positive audit probability to every reported income less than a certain level and the probability is inversely proportional to the level of reported income, it can minimize underreporting and then gradually reduce the leakage of wage expenditure.

  • PDF

Improving efficiency of remote data audit for cloud storage

  • Fan, Kuan;Liu, Mingxi;Shi, Wenbo
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.4
    • /
    • pp.2198-2222
    • /
    • 2019
  • The cloud storage service becomes a rising trend based on the cloud computing, which promotes the remote data integrity auditing a hot topic. Some research can audit the integrity and correctness of user data and solve the problem of user privacy leakage. However, these schemes cannot use fewer data blocks to achieve better auditing results. In this paper, we figure out that the random sampling used in most auditing schemes is not well apply to the problem of cloud service provider (CSP) deleting the data that users rarely use, and we adopt the probability proportionate to size sampling (PPS) to handle such situation. A new scheme named improving audit efficiency of remote data for cloud storage is designed. The proposed scheme supports the public auditing with fewer data blocks and constrains the server's malicious behavior to extend the auditing cycle. Compared with the relevant schemes, the experimental results show that the proposed scheme is more effective.

The Design and Implementation of Test Phase Audit System (테스트 단계 감리시스템 설계 및 구현)

  • Gwon, Dae-Gon;Han, Pan-Am
    • The Transactions of the Korea Information Processing Society
    • /
    • v.7 no.5
    • /
    • pp.1409-1418
    • /
    • 2000
  • Auditing plays a very important role in the process of developing and managing good quality software. The software developing proces should be audited precisely especially in the test phase. Up to the present, because auditing has depended on the auditor's experience of developing and auditing software, it has been impossible to audit objectively. It is limited to audit systematically and objectively because auditing process isn't systematized. In this paper, the auditing model to solve several problems in present auditing is suggested, a test phase audit system is developed, and the system is applied to the actual auditing process. Consequently, software administrators can establish effective software management, software developers can be supported by a highly reliable and quality software development tool, and auditors can be offered an objective audit standard.

  • PDF

Guidelines for Integrated Systems Auditing (통합경영시스템 심사지침)

  • Choi Sung-Woon
    • Proceedings of the Safety Management and Science Conference
    • /
    • /
    • pp.323-330
    • /
    • 2006
  • This paper is to introduce guidelines for integrated systems auditing. International standards such as ISO 19011, ISO 9001 and ISO 14001 are considered. This study is to discuss guidelines for quality and environmental management systems auditing and requirement with guidance for use.

  • PDF

Secure and Efficient Privacy-Preserving Identity-Based Batch Public Auditing with Proxy Processing

  • Zhao, Jining;Xu, Chunxiang;Chen, Kefei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.2
    • /
    • pp.1043-1063
    • /
    • 2019
  • With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

Developing the Auditing Methodology and Strategic Planning of Rural Amenity Resources Investigation (농촌어메니티 자원조사감리방법론 개발과 전략계획)

  • Seo, Bo-Hwan
    • Journal of Korean Society of Rural Planning
    • /
    • v.14 no.2
    • /
    • pp.99-110
    • /
    • 2008
  • The purposes of this paper are first, to develop and adapt auditing methodology of rural amenity resource investigation and second, to propose strategic planning of amenity web data base system. Relating with auditing methodology, we make the life cycle of rural amenity resource investigation based on value chain method. we make 8 stage of auditing process and 105 auditing items in details. We adapt these guidelines in real world and then improve developed methodology. Therefore we expect to promote the quality and accuracy of investigation project using these guidelines. Relating with blue print of strategic planning, we first analyse external environment about Competitors, Suppliers, New entrants, Buyers, Substitutes with 5 force model for amenity information system. We second make the blue print of strategic planning of amenity web data base system project. Then we propose the FIRST, BEST, MOST strategy of amenity web data base system and the web hub system.