• The Journal of Society for e-Business Studies
• /
• v.4 no.2
• /
• pp.197-208
• /
• 1999

With developing computer and communication technologies, the concept of CALS system has been popular not only to military but also to commercial industries. The security problem is one of the most critical issues to construct CALS infrastructure. The CALS system needs some security functions such that data confidentiality, integrity, authenticity, availability, and non-repudiation. This paper proposes a security architecture model in CALS. The security architecture model is composed of 5 submodels such that network security model, authentication and key management model, operation and audit model, integrated database security model, and risk analysis model.

• Journal of the Korean Mathematical Society
• /
• v.51 no.4
• /
• pp.735-749
• /
• 2014

This paper studies the asymptotic behavior of the finite-time ruin probability in a jump-diffusion risk model with constant force of interest, upper tail asymptotically independent claims and a general counting arrival process. Particularly, if the claim inter-arrival times follow a certain dependence structure, the obtained result also covers the case of the infinite-time ruin probability.

• Journal of the Korea Society of Computer and Information
• /
• v.17 no.10
• /
• pp.203-216
• /
• 2012

For the successful operation of the current organization, the importance of the information system is further increasing, and audit for the information system construction is also spreading according to the mandatory of information system audit. However our country's information system audit still does not deal with various risks and the improvement plan of it is desperately needed since bad practices are often happened while performing audit for the various information system projects. Therefore, this paper proposed improved review items for the quality improvement of information system construction by analysing data of information system audit projects and risk occurrence projects that are performed by the domestic large SI company during four years. In addition, this paper verified the effectiveness of the improved review items proposed in this paper by applying them to actual information system project examples.

• The KIPS Transactions:PartD
• /
• v.11D no.7 s.96
• /
• pp.1467-1476
• /
• 2004

The importance and demand about IS(information system) audit we increasing to raise quality of IS and prevention of the IS risk and dysfunction. Technology and system research for the substantiality and raising reliability of IS audit are continuously performed. But, there are misunderstanding of audit clients about IS audit, insufficiency of auditor's ability and misunderstanding of new technology and target business area. Therefore, is not getting trust from client or system integrator because service quality of IS audit is weak relatively. This study aims at survey correlation between audit service quality factor and audit quality, between audit quality and customer satisfaction. The results of this study are as follow. Auditor's ability, correspondence has a significant effect on audit quality, also audit quality on audit satisfaction, and Auditor`s ability, reliability has a significant effect on audit satisfaction.

• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.219-234
• /
• 2013

We introduced a framework of information systems audit methodology and applied to IS projects based on RFID/USN in six public organizations in South Korea. An analysis of five IS implementation projects shows the iterative technical specific risks are disclosed. The key 14 risk factors categorized into 4 classifications (Project Management, application, database, system architecture) which are based on the established IT audit framework in order to extend to the technology (RFID/USN) specific framework and apply to the other case as well. The implications of these findings for audit research and practice are discussed.

• Journal of Navigation and Port Research
• /
• v.34 no.9
• /
• pp.699-704
• /
• 2010

Recently, the navigation risk is increasing significantly with growing of vessels' volume and propelling marine facilities, water bridges and port development etc. As a result, Ministry of Land, Transport and Maritime Affairs enacted a new law called MSA(Maritime Safety Audit) as a comprehensive maritime traffic safety management scheme in order to ensure safety improvements from the early planning stage to post managing of the development which affect the maritime traffic environment. MSA as a tool for improving maritime traffic safety is a formal safety diagnosis assessment in the existing or future ship's fairway by an independent audit institute. It examines the potential hazards of maritime traffic safety about the port development, if necessary, and is to ensure the implementation of appropriate safety measures. The primary purpose of MSA is to identify potential risk elements affecting safe navigation. This paper is aimed to introduce the backgrounds, the necessity and efficiency of MSA and also to describe some technical standards and diagnostic procedures.

• The Journal of the Korea Contents Association
• /
• v.11 no.2
• /
• pp.88-100
• /
• 2011

This thesis suggests fixed quantity model and detailed performance procedures of an information system audit. In addition, an identification of the check-items with high operating risk and factors that might lead to serious effects on the business are made. Then, this thesis proposes the information system audit model that can grant priorities. By using this model, the orderer can evaluate objectively with digitized mark. The model can improve the effectiveness, reliability, and objectivity of the audit by minimizing the discrepancies of different opinions about audit evaluation results between auditee and the orderer. The proposed model is adapted to an application system and audit projects of the database construction. As a result, the model has received an equal mark from the result of the general reviews, thus the propriety of the proposed model was verified.

• The KIPS Transactions:PartD
• /
• v.9D no.3
• /
• pp.467-476
• /
• 2002

Importance of Information Systems in banking industry is higher than that of other industries. This study, based on a case study of a bank, analyzes the current status of information systems (IS) audit and proposes future directions in the area of IS control and audit. Major problems identified in the study include deficiency of IS and audit process, and inability of audit function to improve IS process. In addition, deficiency of staffing level and investment in R&D, and lack of competency and independence of audit staff are identified. In order to solve the problems, the following directions were proposed proper division of functions among audit related departments, utilization of outside audit function, and adoption of CSA, CAAT, career path program, risk-based audit approach. The results of the studs will provide valuable implications to banks and companies in other industries. Also the research framework employed in the study can be utilized in the future research in IS control and audit.

• Journal of Internet Computing and Services
• /
• v.17 no.6
• /
• pp.123-131
• /
• 2016

Process mining in big data environment utilize a number of data were generated from the business process. It generates lots of knowledge and insights regarding implementation and improvement of the process through the event log of the company's enterprise resource planning (ERP) system. In recent years, various research activities engaged with the audit work of company organizations are trying actively by using the maximum strength of the mining process. However, domestic studies on applicable sales auditing system for the process mining are insufficient under big data environment. Therefore, we propose process-mining methods that can be optimally applied to online and traditional auditing system. In advance, we propose continuous monitoring information system that can early detect and prevent the risk under the big data environment by monitoring risk factors in the organizations of enterprise. The scope of the research of this paper is to design a pre-verification system for risk factor via practical examples in sales auditing. Furthermore, realizations of preventive audit, continuous monitoring for high risk, reduction of fraud, and timely action for violation of rules are enhanced by proposed sales auditing system. According to the simulation results, avoidance of financial risks, reduction of audit period, and improvement of audit quality are represented.

• International Area Studies Review
• /
• v.21 no.4
• /
• pp.247-268
• /
• 2017

This paper analyzes for companies of 2011~2014 the effects of corporate social responsibility on audit efficiency. Using KEJI Index and its individual components which is published by Citizens' Coalition for Economic Justice Institute, this paper analyzes their effects on audit efficiency of audit fees and audit hours. The results of analyses are as followings. First, corporate social responsibility(CSR) composite index did not show any significant relationship between audit fees and audit hours. However, for analyses of the effects of CSR individual components on audit efficiency, variable such as CSR fairness(CSR2), CSR social contribution(CSR3), CSR environmental protection activity(CSR5) have the negative effects on the audit fees and audit time. and CSR customer protection(CSR4), CSR employee satisfaction(CSR6) have the positive effects on the audit fees and audit time. Results suggest that independent auditors may reduce audit risks associated with possible misrepresentation of financial statements for companies with high scores of CSR fairness (CSR2), CSR social contribution(CSR3), and CSR environmental protection activity(CSR5). Also, financial statement auditors may perceive surge of discretionary expenses, and set audit risk high for companies with CSR customer protection(CSR4), and CSR employee satisfaction(CSR6). Together, KEJI Index and its individual components appear to have differential effects on audit efficiency.