• Proceedings of the Korea Information Processing Society Conference
• /
• 2010.11a
• /
• pp.315-317
• /
• 2010

본 논문에서는 u-City 감리를 위한 정보시스템감리와 정보통신공사감리의 통합된 감리점검프레임워크를 제시하였다. 이를 위하여 먼저 u-City 감리점검프레임워크의 요구사항을 정리하였으며, 기존의 정보시스템 감리점검 프레임워크와 정보통신감리 프레임워크를 간략히 소개한 후, u-City 감리를 위한 정보시스템감리와 정보통신공사감리의 통합된 감리점검 프레임워크를 제시하였다.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.5
• /
• pp.179-186
• /
• 2019

Information system audit, which provides effective diagnosis and inspection of IT governance, is applied to all aspects from planning to development and operation. However, there is a difficulty in carrying out the audit because the system for the specialized university IT project is not developed. Therefore, it is necessary to set the internal system as the audit-based application framework in order to apply it to university IT governance. In this paper, we propose a audit-based application framework of university information system developed for university. The framework has a difference from the existing audit system. By using this framework, it is possible to present a standard for the university IT project and easily approach and use it in the field. And it can be used for direct audit through this framework in the level of the auditor as well as the HQ admin. The framework categorizes the audit into three major dimensions and suggests a method that can be applied to the university information system audit through the UAFP(University Audit Framework Process) and quality assurance.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2002.04b
• /
• pp.1163-1166
• /
• 2002

ASP서비스는 사용기업의 데이터를 외부의 데이터센터에 위치시키고, 데이터에 대한 사용권만을 제공하는 극단적인 외주 형태의 서비스이다. 따라서 ASP서비스는 보안문제와 서비스 제공업체의 신뢰성 문제가 어떤 형태의 정보시스템보다 크게 부각된다. 이러한 ASP서비스에 대한 신뢰성과 효율성 확보를 위한 감리 프로세스는 필수적일 것이다. 본 논문에서는 ASP서비스에 대한 감리 프로세스를 제안한다. 우선, 기존의 정보시스템 감리의 정의를 통하여 ASP감리의 정의를 도출하고, ASP프레임워크를 제안하며, 제안된 프레임워크에 따른 통제항목을 설정한다. 마지막으로 검증단계에서 ASP감리 프레임워크를 기존의 정보시스템 감리 프레임워크와 비교분석하고, ASP서비스 수명주기 세부활동 별 통제항목의 중요도를 산출한 설문을 통해서 통제항목의 타당성을 검증한다.

• Journal of the Korea Society of Computer and Information
• /
• v.15 no.4
• /
• pp.107-118
• /
• 2010

The user interface is the medium, which provides the users to have an access to the web-based information system. The user interface is the means of improving usability and accessibility for the user, as well as being the core component in the web-based information system. In this paper, the audit framework of the user interface was developed to upgrade the usability and accessibility; it was based on the three basic components of the current audit framework in the web-based information system. At the time of an audit, the UI process of the 'Analysis', 'UI Design', 'UI Production', and 'Test' was defined, which was analyzed through the web development methodology. Also, for the area of an audit, the 'Information', 'Design', and 'Technology' were defined by the analysis of the components that makes up the user interface, From the view of an audit, the standard criteria of an assessment were set as 'Usability', 'Accessibility', and 'Cross Browsing'. Through the framework that was proposed in this paper, practical audit applies the performed examples. By this, the efficiency of the proposed framework was verified.

• Journal of Service Research and Studies
• /
• v.7 no.3
• /
• pp.21-36
• /
• 2017

Recently in information business, managing and auditing are getting more difficult because of enlargement, intellectualization and convergence. In addition, ordering organizations have been having a difficult time choosing a service because not only there is a huge overlap between information audit system and PMO but also the work boundaries of those two are not clear enough. As the demand that a business managing and auditing frame work need to be more developed in terms of independence, quality, economic feasibility and responsibility has been increased, the Korea Association Of Information Systems Audit has been attempting to improve business management and audit system by proposing Unified Project Management Framework whose process is approximately constructed. This study introduces Unified Project Management Framework which is all-encompassing from the ordering at the very beginning of business to the operating in the post-processing step and then verifies its work scope through a comparative analysis with existing management systems. Also, this thesis examines the necessity of unification of audit system and PMO by analysing existing similar systems. At the end, this study, analyses the suitability of Unified Project Management Framework by evaluating it with IT goal frame of COBIT5 which is constructed based on BSC performance management index. The result of the analysis is expected to help people in charge understanding the features of Unified Project Management Framework before they apply it to practical business.

• 한국IT서비스학회:학술대회논문집
• /
• 2003.11a
• /
• pp.383-389
• /
• 2003

정보시스템의 효과적인 개발 및 운영을 지원하기 위한 활동에는 품질 보증, 감리 등이 있다. 이중에서 감리는 정보시스템의 전체 개발 수명주기에 걸쳐서 시스템의 품질을 개선시키기 위한 핵심활동이라고 할 수 있다. 현재 공공 정보시스템 감리는 기존의 정보시스템감리기준(정보통신부고시제1999-104호)를 활용하여 수행하고 있지만, 감리영역이나 점검사항이 현재 IT 환경과 맞지 않고 실제 감리에 적용하기 어렵다. 또한, 정보시스템 개발수명주기에 걸쳐서 감리를 수행해야함에도 불구하고, 현실은 그렇지 않으며 수명주기별 감리기준도 명확하지가 않다. 본 연구에서는 ISACA(Information Systems Audit and Control Association)의 COBIT(Control Objectives for Information and related Technology)와 IT 관련 국제 표준들을 벤치마킹하여 정보시스템 감리프레임워크를 제시하였고, 이의 운영 및 활용 방안을 제안하였다.

• Review of KIISC
• /
• v.34 no.4
• /
• pp.61-66
• /
• 2024

ISO TC307에서 개발 중인 23353(Blockchain and distributed ledger technologies - Auditing guidelines: 블록체인과 분산원장 기술 감리 가이드라인) 표준은 기존 IT 시스템 감리와 달리 블록체인(BC, BlockChain)과 분산원장 기술(DLT, Distributed Ledger Technology) 기반 시스템에 대한 감리이다. ISO 23353의 주요 내용은 감리 원칙, BC/DLT 시스템의 위험, 감리 프레임워크, BC/DLT 감리 프로그램 관리 및 수행 절차 등이며. BC/DLT 감리에 있어 고려해야 할 위험, 통제 목표 및 통제 식별 방안 등에 대한 가이드 제공을 목적으로 한다. 한국이 주도적으로 개발하고 있는 ISO 23353은 블록체인 산업 활성화 촉진과 더불어 디지털 금융 산업에서 주도적 위치를 확보하는 데 긍정적으로 작용할 것이다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.139-148
• /
• 2008

Information technology have led to change the automation of large industrial control system as well as business system and environments. Industrial control system(ICS) is vital components of most nation's critical infrastructures such as electricity, natural gas, water, waste treatment, transportation and communication that are based of national security, safety of citizen and development of national economy According to the change of business environment, organizational management pushed integration all of the system include MIS and ICS. This situation led to use standard information technologies for ICS, this transition has been to expose ICS to the same vulnerabilities and threats that plague business system. Recently government obliged owners of the public information system to audit for safety, efficiency and effectiveness, and also obliged the owners of national infrastructure to improve their system security as a result of vulnerability analysis. But there doesn't prepare a security architecture and information security auditing framework of ICS fur auditing. In this paper, I suggested the security architecture and information security auditing framework for ICS in order to prepare the base of industrial system security auditing.

• Proceedings of the CALSEC Conference
• /
• 2000.08a
• /
• pp.255-263
• /
• 2000

네트워크를 통해 어플리케이션을 임대해주는 정보시스템 서비스 모델인 ASP 모델이 IT 시장에서 새로운 비즈니스 모델로 등장하였다. 그러나 ASP 모델은 기존의 정보시스템 모델에 비해 특정 서비스에 많은 서비스제공자가 임시적으로 결합되고, 정보자산이 공중망과 데이터센터에 위치하는 특징을 가지고 있다. 그러므로 ASP 서비스를 성공적인 수행하기 위해서는 ASP 사업자가 서비스의 제공능력이 있는지에 대한 인증활동과 ASP 서비스 도입 및 운영과정이 적절하게 이루어지고 있는가에 대한 감리활동이 요구된다. 따라서 본 연구는 ASP의 특징을 분석하고, ASP 인증ㆍ감리 프레임워크를 설계를 수행하고자 한다. 이를 위해, 기존연구를 바탕으로, 분류기준을 기술적 계층, 수명주기, 공급자/고객의 관점이라는 세 가지 차원에서 정의하며, 각각의 세부항목 및 내용을 정의하고자 한다.

• Journal of the Korea Institute of Building Construction
• /
• v.24 no.1
• /
• pp.121-131
• /
• 2024

This research explores the potential of leveraging unstructured data from construction supervision documents, which contain detailed inspection insights from independent third-party monitors of building construction processes. With the evolution of analytical methodologies, such unstructured data has been recognized as a valuable source of information, offering diverse insights. The study introduces a framework designed to assess cost performance by applying advanced analytical methods to the unstructured data found in final construction supervision reports. Specifically, key phrases were identified using text mining and social network analysis techniques, and these phrases were then analyzed through binomial logistic regression to assess cost performance. The study found that predictions of cost performance based on unstructured data from supervision documents achieved an accuracy rate of approximately 73%. The findings of this research are anticipated to serve as a foundational resource for analyzing various forms of unstructured data generated within the construction sector in future projects.