• Journal of Digital Convergence
• /
• v.10 no.11
• /
• pp.185-196
• /
• 2012

Information system operation principles were recently established in order to provide high quality service and efficient operation audit of IT outsourcing. Operation managements are done based on these principles. Therefore, information operating management process, which refers to itself, is established. Information system operation audit requires a constant audit regularly, which is different from construction/development audit that is done only once. As operating management process changes, operation audit guidelines should be updated and improved. Therefore, this paper proposes IT outsourcing operation audit model with IT outsourcing achievement management as a focus. IT service domain was referred in order to propose information system operation audit model and check lists, which are based on IT outsourcing operation managements such as planning, making strategies, contract, service, and management. The deduced audit model and check lists verified suitability of the proposed model by experts' survey.

• Journal of Digital Convergence
• /
• v.11 no.5
• /
• pp.187-199
• /
• 2013

Since the supply of smart phones, a change in mobile environment brought a turning point called a mobile generation. Smart mobile office is a combined form of smart phones' new mobile environment and its social media. A construction of mobile office environment using smart phones brought revitalization of the smart phone market. CRM construction also became new requirements for a customer management. However, based on the current information system audit standard, check fields or check lists are insufficient to apply to audit for CRM construction in a smart mobile office environment. Therefore, this paper proposes a model for auditing CRM system construction in smart mobile office environment. It proposes audit domain and check lists of CRM construction. It also verified whether the proposed model is suitable or not by doing a survey if deduced audit domain and check lists correspond with the purpose of the CRM construction audit during smart mobile office environment. As the result, this study appear to have more than average satisfaction the suitability results were.

• Journal of Digital Convergence
• /
• v.10 no.9
• /
• pp.123-136
• /
• 2012

Web applications are widely used by the development of the Internet, but there are no separate audit model for a web-based information systems. Information business has a wide variety of characteristics. So, web-based information system audit model is needed. Therefore, a web-based information system audit model was proposed to enhance the effectiveness of audit and to increase the quality. Audit check lists were applied based on three sets of existing information audit check framework. An audit point of time was defined as analysis, design, and implementation. An audit domain was defined as contents, design, and process. Moreover, audit viewpoint and inspection standards were defined by setting standards of process, product, and performance. Moreover, this paper proposes differences between an existing model of information system development methodology and web-based information system. It also deduced audit checklists according to audit domains for web-based information system audit. The deduced audit checklists were verified for its suitability by conducting surveys, and the modified audit inspection model, in which the deduced audit checklists were applied, was proposed.

• Journal of Digital Convergence
• /
• v.11 no.8
• /
• pp.95-108
• /
• 2013

Agile development methods regards an interaction among software developers, operating softwares, and cooperation with customers as its main value. Most of the developing processes undergo a procedure called tailoring to meet the relevant project. Yet, in reality, projects run in disorder due to their overlap with other methods and management processes. As a result, the advantages of agile process cannot be fully used. So, the information system audit has an important role to detect these problems and improve the qualities of agile application projects. Also, researches should be conducted on Agile-based Iformation System Audit Model in order to enhance the effectiveness of agile projects. This paper suggests a model for an information system audit that applied agile developing methods. This model proposes audit domains and check lists for agile-based information system. In order to verify the suitability of the suggested model, more than 89.3% of the checklists were verified as suitable in all domains.

• Journal of Digital Convergence
• /
• v.12 no.7
• /
• pp.133-145
• /
• 2014

Recently, Hospital information systems have the large databases by wide range offices for hospital management, health care to improve the quality of care. However, hospital information systems for information security measures are insufficient. Therefore, when we construct the hospital information system, we have to audit the information security measures for them, and we have to manage the ISMS(Information Security Management System) to maintain the information protection level through the risk managements. In this paper, we suggested the hospital information security audit model for the protection of health information privacy by the current hospital information systems, information security management system(ISMS), and hospital information security requirements and threats. We derived the check items compared with ISO27799 reflected the characteristics of the hospital. We classified the security domains as the physical, technical, administrative domain, and derived the check items for information security. We also designed the check lists by mapping the ISO27799 risk management process to improve the security and efficiency simultaneously. Our model by the five-point scale survey of IT experts was verified the suitability with the average of 4.91 points.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.19 no.2
• /
• pp.211-219
• /
• 2019

Accomplishing information system, techniques, methodology have been studied continuously and give much help to auditors who are using them. Additionally audit report which is the conclusion of accomplishing ISA(information system audit), has law of a basis and phase with ITA/EA Law(Electronic Government Law). This paper is for better quality of ISA report. But it has more errors about sentence and Grammatical structures. In this paper, to achieve quality improvement objectives, it is necessary to recognize the importance of an audit report by investigating on objectives, functionality, structures and usability of a report firstly, and a legal basis, the presence of report next. Several types of audit reports were chosen and the reports errors were divided into several categories and analyzed. After grasping reasons of those errors, the methods for fixing those errors and check-lists model was provided. And based on that foundation, the effectiveness validation about real audit reports was performed. The necessity for efforts to improve the quality of audit reports was emphasized and further research subject(AI Automatic tool) of this paper conclusion. We also expect this paper to be useful for the organization to improve on ISA in the future.

• Journal of Digital Convergence
• /
• v.10 no.5
• /
• pp.251-266
• /
• 2012

Location Information is an information about a place where an individual exists or had existed. As smart phones are popularized, location information becomes more than simple information about the place. As a result, services using an individual's location information became the trend. However, problems arising from discharging Private Information can damage an individual, because it causes financial and economic loss but also detects individual's location and route directly. In realities, the guide that regulates Location Based Service for administering Private Location Information is insufficient. Therefore, this paper proposes check items, which contain standards of judicial action, financial loss ratings, importance of Private Location Information, and criticality of check lists, during the Private Location Information audit at the level of analysis, design, and management of the Information System, in order to prevent the infringement and disclosure of the Private Location Information. Moreover, the proposed check items were verified for its suitability by the professionals' survey.