• Journal of Information Technology Services
• /
• v.11 no.4
• /
• pp.107-121
• /
• 2012

The core infra-technology in the ubiquitous era, RFID which has taken action from the public institution with the pilot projects as well as the practical projects is gradually extending its spectrum to the private enterprises. Along with its expansion, the audit required on the RFID-based information system is also growing in the industry. Especially, since RFID-based information systems, especially compared to other information systems, are likely to be exposed to many threats, the security audit for them is being emphasized. This paper suggests security audit checking items for the RFID-based information system, which can be used to perform the efficient security audit. The security audit checking items consist of eight basic checking items, each of which consists of detailed review items and can be applied for each building steps of the system(analysis, design, implementation, testing, and development). Finally, this paper confirmed the efficiency of the security audit checking items proposed in this paper through survey by the experienced auditors and analysis of practical audit cases.

• The Journal of Asian Finance, Economics and Business
• /
• v.8 no.2
• /
• pp.243-253
• /
• 2021

This study aims to examine (1) the association between the chief executive officer tenure and audit quality, (2) the relationship between chief executive officer duality and audit quality, (3) the association between board independence and audit quality, (4) the relationship between board size and audit quality, and (5) the role of controlling variables (client size, leverage debt, and business complexity) in controlling these relationships. The research sample includes 325 financial reports from manufacturing firms listed in Amman Stock exchange over the 2014-2018 period. The study relationships are tested by using logistic regression. The results revealed a negative relationship, but not significant between CEO tenure and independent directors with audit quality. In addition, the results showed there is a negative effect of CEO duality on audit quality; also the results revealed that there is a statistically significant effect on the board of directors (board size) on the AQ. In general, the coefficient estimates of controlling variables show that client size and leverage debt positively affect audit quality, and on the contrary, business complexity has an insignificant positive relationship with audit quality. The summary of the study findings play an active role to external auditor opinion on business practice in towered the corporate governance system.

• International Journal of Advanced Culture Technology
• /
• v.9 no.1
• /
• pp.210-217
• /
• 2021

In the case of an agile-based project, it was inadequate to perform a comprehensive inspection and evaluation on the establishment and operation of an information system by performing audit only with the audit and inspection elements provided by the existing information system audit and inspection system. In particular, in the case of the test activity area, it was necessary to improve the test activity audit check items to comprehensively check the agile-based development process by applying the existing audit system. To this end, a test activity improvement check model of the agile methodology audit model was presented by applying the repetition concept, a characteristic of the agile methodology. In order to empirically verify the model of this study, a survey was conducted for auditors and designers/developers who have experience in performing agile-based projects and auditing information systems. As a result of the questionnaire on the integrated test and system test in the test stage, more than 70% of the respondents were found to be suitable. More than 80% of the respondents judged that it was appropriate as a result of the questionnaire on "improvement and regression test progress according to integrated test and system test results" and "integrated test and functional actions of components and subsystems".

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.12 no.19
• /
• pp.89-98
• /
• 1989

This research addresses the most sophisticated level of complexity of current electronic data processing(EDP) technology realtime, distributed data base(DDB) system. The major objective is to develop guidelines for the control and audit of these sophisticated system, since the control and audit philosophies, control features, and audit techniques applicable to traditional EDP systems are no longer fully appropriate for, or relevant to, these stat-of-art systems. An attempt is made to develop an internally consistent audit and control Conceptual Framework summarizing and integrating the material developed in this research, which then leads into the analysis of the control and audit model.

• Journal of Information Technology Applications and Management
• /
• v.11 no.2
• /
• pp.167-178
• /
• 2004

Different from traditional development methodologies like waterfall model, the CBD (component based development) methodology relies on a building block approach in the design and development of information system. The audit procedure and checklist for the traditional IS development methodology are required to be modified to be suitable for CBD. This research reviewed IS audit guidelines for the existing development process and analyzed multiple projects that employed the by component based development process. For the purpose of this study, we chose a governmental project and a next-generation IS project of a financial agency as sample cases. By comparing existing IS audit checklists and items actually reviewed in audit projects, this study identified appropriate check items for the CBD-centric audit program. New items were proposed as additional items such as project control in management phase, usage case and conceptual model establishment, component evaluation and design, in implementation phase, and so forth. The result of the research provides new guidelines for the audit CBD projects for the purposed of increased efficiency and qualify of application development projects.

• Journal of the Korean Professional Engineers Association
• /
• v.34 no.4
• /
• pp.65-68
• /
• 2001

The role of information system(IS) audit is growing more important according to rapid change of Information technology. This article is to introduce what is IS audit, purpose and effect of IS audit. Now most clients of private IS audit services companies are the public sector. Korean public sectors invest a lot of money to build or implement their information system. Most of their systems are developed by system intergration companies. But they do not have professional engineers to evaluate and review outsourced information system. Therefore they must use outside private professional engineers for sysem auditing. We, including writer, established the first IS audit sevice company in Korea on September in 1997. After that about 15 IS audit service companies are established until now. The effect of IS audit is highly evaluated In public sector by the clients Most clients think IS audit service contributed to upgrade the quality of software and standard the methodology of developing system

• Journal of the Institute of Electronics Engineers of Korea TC
• /
• v.41 no.10
• /
• pp.11-16
• /
• 2004

This paper proposes the overload reduction method for the connection information audit processor in ATM switch. Based on this method, we design the simple IPC exchange method and non-stop auditing method for IPC loss. We evaluate the performance about the proposed Audit method. At the result of evaluation, we figure out that the p개posed audit method reduces the load of call control processor because of a fewer IPC and prevent stopping audit function for IPC loss because of requesting the lost connection information again. Therefore, we confirm that the proposed audit method can reestablish a Mismatched connection information with a little load and elevate correctness about audit function.

• Journal of Information Technology Services
• /
• v.3 no.1
• /
• pp.117-126
• /
• 2004

In this study an evaluation method is proposed, with the strong relationship between the ante and post audit works evaluation. The ante evaluation does in general and systematic ways, with past audit results and proposals. The criteria-based evaluation is used for the audit activities and outputs. The critical success factors for the projects applies to the activities evaluation and product evaluation framework to the output. The ante and post evaluation have the cross evaluation items to be the whole and continuous one. Eighteen common evaluation items are derived, with their own evaluation elements in detail, which have only differences of the actually done and expectations between the ante and post. The proposed evaluation makes the ante and post one to be related with each other in a systematic and objective ways, to enhance the reliability of audit results and effectiveness of the audit.

• KSCI Review
• /
• v.11 no.1
• /
• pp.9-17
• /
• 2003

Along with trends of other countries, the Ministry of Information and Communication in Korea decided to operate an Information System Audit Institution for raising qualify of computer network facilitated in state organ and public institution, and to construct effective construction of information system. The aim of the audit institution is applying it to public information business, establishing an information system audit qualification system, and upbringing Private audit organs. The Ministry of Information and Communication realized that although the demand of information system area audit is explosively expanding, the National Computerization Agency cannot satisfies the demand and realize to have audit control for the information of national business as well. The Ministry of Information and Communication plan to enforce the audit on public information business by correlate with information business. The ministry enforce that the supervisory company has major roll to audit and national import business decided by the Information Promotion Committee is subject to have audit control. Therefore, in this paper, the contents of internal audit among internal/external audit will be presented.

• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.185-196
• /
• 2012

Information system operation principles were recently established in order to provide high quality service and efficient operation audit of IT outsourcing. Operation managements are done based on these principles. Therefore, information operating management process, which refers to itself, is established. Information system operation audit requires a constant audit regularly, which is different from construction/development audit that is done only once. As operating management process changes, operation audit guidelines should be updated and improved. Therefore, this paper proposes IT outsourcing operation audit model with IT outsourcing achievement management as a focus. IT service domain was referred in order to propose information system operation audit model and check lists, which are based on IT outsourcing operation managements such as planning, making strategies, contract, service, and management. The deduced audit model and check lists verified suitability of the proposed model by experts' survey.