• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.185-196
• /
• 2012

Information system operation principles were recently established in order to provide high quality service and efficient operation audit of IT outsourcing. Operation managements are done based on these principles. Therefore, information operating management process, which refers to itself, is established. Information system operation audit requires a constant audit regularly, which is different from construction/development audit that is done only once. As operating management process changes, operation audit guidelines should be updated and improved. Therefore, this paper proposes IT outsourcing operation audit model with IT outsourcing achievement management as a focus. IT service domain was referred in order to propose information system operation audit model and check lists, which are based on IT outsourcing operation managements such as planning, making strategies, contract, service, and management. The deduced audit model and check lists verified suitability of the proposed model by experts' survey.

• Journal of Digital Convergence
• /
• v.10 no.6
• /
• pp.71-82
• /
• 2012

The interest in SLA in accordance with the development of IT outsourcing has increased due to the rapid development of information systems. Moreover, an awareness and necessity for the Information System Operating Audit has increased while an effective IT service management operations for information systems is needed desperately. However, information system operations and maintenance instructions of the National Information Society Agency operates due to the current information system operation, but the experience and the interpretation of the auditor determine the decision in the field. This paper introduces an operating audit model for the efficient management. This model is derived from the Korea Information Society Agency's operating instructions of the Information Systems Audit and their inspection services. The audit checklists were derived from the areas of service planning, service delivery, service support, and service management. Consequently, the operating audit model was proposed, and the suitability of this model was verified by experts' opinions on the survey.

• Journal of Digital Convergence
• /
• v.10 no.9
• /
• pp.123-136
• /
• 2012

Web applications are widely used by the development of the Internet, but there are no separate audit model for a web-based information systems. Information business has a wide variety of characteristics. So, web-based information system audit model is needed. Therefore, a web-based information system audit model was proposed to enhance the effectiveness of audit and to increase the quality. Audit check lists were applied based on three sets of existing information audit check framework. An audit point of time was defined as analysis, design, and implementation. An audit domain was defined as contents, design, and process. Moreover, audit viewpoint and inspection standards were defined by setting standards of process, product, and performance. Moreover, this paper proposes differences between an existing model of information system development methodology and web-based information system. It also deduced audit checklists according to audit domains for web-based information system audit. The deduced audit checklists were verified for its suitability by conducting surveys, and the modified audit inspection model, in which the deduced audit checklists were applied, was proposed.

• Journal of Digital Convergence
• /
• v.12 no.1
• /
• pp.229-239
• /
• 2014

Smartwork technology, using teleworking, smartwork centers and mobile terminal, provides a flexible work environments without constraints of time and space. Smartwork system to increase the work efficiency has the information protection threats according to their convenience. Thus, in order to build smartwork, it is proper to provide information protection audit to help ensure the information protection. In this paper, we have proposed an infortaion protection audit model at the practical and technical level for building a smartwork environment. We were classified as a terminal, network and server area for information protection, and derived a professional information protection check items. Further, by establishing a smartwork information protection audit time to map ISMS control items, we have proposed an audit model so that it is possible to improve the security and efficiency. It also verified whether the proposed model is suitable or not by doing a survey if deduced audit domain and check items correspond with the purpose of the smartwork information protection audit to auditors and IT specialists. As the result, this study was 97% satisfaction out of 13 check items.

• Journal of Advanced Navigation Technology
• /
• v.18 no.6
• /
• pp.609-618
• /
• 2014

Information system audit, by checking overall matters about constructing and managing information system, has to contribute to improvement of information system's quality and improving performance of projects. For this, an auditor has to present objective corroborative facts which back up result of audit and ways of improvement, but in reality, general(especially businessmen's) cognition is that audit is biased by way too subjective opinions. Local experience and theoretical research until now propose that tools of automating audit will be an active means of systematically collecting and proposing these objective evidences of audit. This research not only verified that in the field of audit, phenomenon of technology application can be explained and predicted by applying TAM, but it also contributed in extending theoretical base on information technology and audit by distinguishing several characteristics which appear in the process of the model's application and analysis.

• 한국IT서비스학회:학술대회논문집
• /
• 2006.11a
• /
• pp.449-454
• /
• 2006

본 연구는 감리품질에 따른 감리성과와 프로젝트성과에의 영향으로 감리의뢰기관이 해당 감리기관에 재구매의도 또는 재계약의도에 대한 영향을 조사하였다. 연구결과, 설정된 연구모형을 중심으로 전반적인 분석을 수행하였으며, 경로분석 결과 모든 영향관계가 유의한 것으로 나타났다. 감리품질이 프로젝트성과와 감리효과 및 만족도에 정의 유의한 영향을 미치는 것으로 나타나 프로젝트성과와 감리 효과 및 만족도를 향상시키기 위해서는 감리품질뿐만 아니라 감리품질에 영향을 미치는 감리서비스요인에 대해 판단할 필요가 있으며, 감리효과와 만족도가 높으면 재구매에 정의 영향을 미치고, 프로젝트 성과가 높으면 재구매에 정의 영향을 미치는 것으로 나타났다.

• Journal of Digital Convergence
• /
• v.12 no.7
• /
• pp.133-145
• /
• 2014

Recently, Hospital information systems have the large databases by wide range offices for hospital management, health care to improve the quality of care. However, hospital information systems for information security measures are insufficient. Therefore, when we construct the hospital information system, we have to audit the information security measures for them, and we have to manage the ISMS(Information Security Management System) to maintain the information protection level through the risk managements. In this paper, we suggested the hospital information security audit model for the protection of health information privacy by the current hospital information systems, information security management system(ISMS), and hospital information security requirements and threats. We derived the check items compared with ISO27799 reflected the characteristics of the hospital. We classified the security domains as the physical, technical, administrative domain, and derived the check items for information security. We also designed the check lists by mapping the ISO27799 risk management process to improve the security and efficiency simultaneously. Our model by the five-point scale survey of IT experts was verified the suitability with the average of 4.91 points.

• 한국IT서비스학회:학술대회논문집
• /
• 2006.05a
• /
• pp.380-387
• /
• 2006

정보화가 급격히 확산되면서 정보화로 인한 파급효과와 더불어 정보화의 위험과 역기능 방지와 정보시스템의 품질을 제고하기 위한 최적의 방법중 하나로서 정보시스템 감리에 대한 중요성과 그 수요가 증가하고 있다. 더불어 감리내실화와 신뢰성제고를 위한 기술연구와 제도연구도 지속적으로 수행되어왔다. 많은 감리의뢰기관이 감리자체를 시업성공을 위한 품질보증 및 생산성 향상을 도모하기 위해 실시하는 중간평가로 보지 않고 있고, 감리인의 학력.경력.자격수준 및 신기술에 대한 이해도, 숙련도 부족과 감리대상업무파악 미흡으로 현장감각이 부족하여 실제보다 형식에 치우쳐 있다. 따라서, 정보시스템 감리의 서비스품질이 상대적으로 취약하여 감리의뢰기관이나 피감리 기관으로부터 신뢰를 얻지 못하고 있다. 본 연구에서는 마케팅분야의 서비스품질평가모형을 일부 도입하여 감리서비스 품질요인과 감리품질 또는 감리충실도간의 관계를 규명하고, 나아가서 감리충실도에 영향을 끼치는 요소는 외적서비스요인과 내적서비스요인으로 구분하였으며, 이요인들이 감리충실도에 미치는 영향을 규명코자 하였다, 더불어 감리충실도가 감리효과 및 만족도와 프로젝트성과에 미치는 영향을 규명코자 하였다.

• 한국IT서비스학회:학술대회논문집
• /
• 2003.05a
• /
• pp.363-370
• /
• 2003

지금까지 국내 보안감리 평가는 정성적인 평가에 머물러 있어 평가를 담당하는 감리인마다 평가 결과가 서로 상이하여 피 평가자에게 신뢰를 심어주지 못하는 결과가 초래되고 있다. 본 연구에서는 보안감리에 대한 국내의 연구와 해외 사례를 참조하여 SI사업에서의 보안감리평가 효율성을 제고할 수 있는 방안 및 평가체계를 정량화하는 방안을 제시하였다. 이를 위해 SI사업의 소프트웨어 개발 및 개발 환경(네트워크, 서버 등)을 중심으로 한국전산원에서 제시하고 있는 보안감리 지침과 한국정보시스템감리인협회의 보안관련 세부 감리지침을 통합하고 세부 감리지침에 따른 평가를 정량화 하였다. 보안감리 평가의 정량화 방안에 대한 감리전문가의 인터뷰와 사례 프로젝트의 적용을 통하여 연구 모형에 대한 검증을 실시하였다.

• Journal of Korea Society of Industrial Information Systems
• /
• v.16 no.5
• /
• pp.197-205
• /
• 2011

Since Intelligent Transport Systems(ITS) is a complex project combining technology and system of transportation, information and communication and civil engineer, it needs a specialized management activities. However, it is difficult to judge who has responsibility for a shoddy and fault construction since the role between project management and supervision is very ambiguous. The aim of this study is propose an efficient project management and supervision for ITS reflecting the characteristics of ITS. Therefore, we suggest a statistical models using nonlinear regression model to prepare the project management and supervision compensation criteria, hence, we choose the realistic and validation statistical model.