• Journal of Information Technology Applications and Management
• /
• 제11권2호
• /
• pp.167-178
• /
• 2004

Different from traditional development methodologies like waterfall model, the CBD (component based development) methodology relies on a building block approach in the design and development of information system. The audit procedure and checklist for the traditional IS development methodology are required to be modified to be suitable for CBD. This research reviewed IS audit guidelines for the existing development process and analyzed multiple projects that employed the by component based development process. For the purpose of this study, we chose a governmental project and a next-generation IS project of a financial agency as sample cases. By comparing existing IS audit checklists and items actually reviewed in audit projects, this study identified appropriate check items for the CBD-centric audit program. New items were proposed as additional items such as project control in management phase, usage case and conceptual model establishment, component evaluation and design, in implementation phase, and so forth. The result of the research provides new guidelines for the audit CBD projects for the purposed of increased efficiency and qualify of application development projects.

• International Journal of Advanced Culture Technology
• /
• 제9권1호
• /
• pp.210-217
• /
• 2021

In the case of an agile-based project, it was inadequate to perform a comprehensive inspection and evaluation on the establishment and operation of an information system by performing audit only with the audit and inspection elements provided by the existing information system audit and inspection system. In particular, in the case of the test activity area, it was necessary to improve the test activity audit check items to comprehensively check the agile-based development process by applying the existing audit system. To this end, a test activity improvement check model of the agile methodology audit model was presented by applying the repetition concept, a characteristic of the agile methodology. In order to empirically verify the model of this study, a survey was conducted for auditors and designers/developers who have experience in performing agile-based projects and auditing information systems. As a result of the questionnaire on the integrated test and system test in the test stage, more than 70% of the respondents were found to be suitable. More than 80% of the respondents judged that it was appropriate as a result of the questionnaire on "improvement and regression test progress according to integrated test and system test results" and "integrated test and functional actions of components and subsystems".

• The Journal of Asian Finance, Economics and Business
• /
• 제7권2호
• /
• pp.89-97
• /
• 2020

This study was conducted to examine how independent audit firms in Vietnam understand and use risk based audit approach (RBAA) in audit practice. To answer the research questions, the researchers used primary and secondary data collected from 2018 to 2019. The results from the interview survey showed that audit firms were aware of the advantages of adopting RBAA. However, RBAA is practiced to a moderate extent by audit firms in Vietnam. Big 4 audit firms use RBAA more popularly than Non-Big 4 audit firms. The causes of the difference are the disadvantages of adopting RBAA and client's characteristics such as relevant guideline, audit fees, auditors' knowledge and experience. Besides, the study investigated factors impacting on the RBAA adoption by distributing a questionnaire to 246 auditors of 126 audit firms in Vietnam. A set of statistical appropriate methods where used through SPSS software version 22.0. The results indicated that there were six factors influencing RBAA adoption including: Auditor's ability, Technological development, Audit fees, auditors' motivation, Audit time and client's risk. Of which, auditor's ability and technological development are factors that have the most significant and positive impacts on the adoption of RBAA. Additional implications were argued in the final section of this study.

• 정보처리학회논문지D
• /
• 제9D권3호
• /
• pp.467-476
• /
• 2002

은행업에 있어서 정보시스템의 중요성은 다른 산업에 비해서 매우 높다. 본 논문에서는 한 은행의 사례를 토대로 은행에서 실시하고 있는 정보시스템 감사 제도의 전반적인 현황을 분석하여 문제점 및 발전 방향을 제시한다. 주요한 문제점은 다음과 같다. 전반적으로 정보시스템 프로세스의 수행 정도가 미흡하고, 감사 실시 정도는 전반적으로 중요한 프로세스에는 적절히 대응하고 있으나 금융 및 전산사고 예방에만 초점을 맞추어 전략적인 측면의 대응이 미흡한 것으로 나타났다. 또한 감사 활동이 프로세스 수행에 긍정적인 영향을 미치지 못하고 있어서 감사 사후 관리를 개선할 필요성이 제기되었다. 감사 인력/조직적인 측면에서는 인력의 충원이 필요하고, 전략 기획 분야와 연구·개발 활동이 미흡하고, 감사인의 적격성 및 독립성 분야에서 기준 대비 미흡한 면이 있는 것으로 분석되었다. 여기에 대한 발전 방향으로는 내부 감사 부서들간의 적절한 감사 분담, 외부 감사의 활용, 감사 자동화 도구 도입, 자가통제평가 제도 도입, 감사인력에 대한 경력개발 제도 실시, 위험 기반 감사 제도 도입 등이 있다. 본 연구의 결과는 은행업, 더 나아가서 다른 산업의 기업들이 참고할 수 있는 사시점을 제공하고, 본 연구에서 활용한 분석 프레임워크는 향후 정보시스템 감사 분야의 학술적인 연구에서 활용될 수 있을 것이다.

• 대한설비공학회:학술대회논문집
• /
• 대한설비공학회 2008년도 하계학술발표대회 논문집
• /
• pp.66-71
• /
• 2008

Energy audit was started in 2006 that Korea Government Policy for Energy saving. Who used over 2,000toe/yr(tons of oil equivalent) energy consumption has to perform Energy audit program of obligation every five years with auditing company. HANMI C&E as a company authorized by Government has diagnosed various type building. It shows four case studies of HVAC system in office building through Energy audit. This studies present efficient recommendation method for improving system performance.

• 한국산업정보학회:학술대회논문집
• /
• 한국산업정보학회 2008년도 추계 공동 국제학술대회
• /
• pp.96-103
• /
• 2008

The information systems audit is an proactive action to find out the predicted issues on proceeding the business beforehand, to make out whether the information systems satisfies the user's demand or not and to check up the result of the project with complementing the capabilities of self-diagnostics for the complicated and advanced information system. However, the results of the audited project are apt to be regarded as a failure in a case that an opinion of the audit area evaluation is described as 'insufficient' or 'negative' in the audit report that is submitted as the result of the audit. It makes a lot of arguments among the board of audit, the institution ordering the audit and the auditor. In this study, we made an attempt to finding out the factors affecting the audit area evaluation and verifying them objectively. A study model and hypothesis including the improvement type of the recommended subject to be improved, the importance, the audit time, the business scale of the audited object and the auditing company as a factor variable were established and the hypothesis was verified by analyzing the correlation between the factor variables and the audit area evaluation.

• Journal of Information Technology Applications and Management
• /
• 제11권2호
• /
• pp.45-64
• /
• 2004

Many researchers have proved that information systems auditing is a very effective tool for improving information systems quality. However, information system auditing in Korea still includes many subjective judgements. This study deals with applying a quantitative model to improve information system auditing quality on security domain. First of all, we have looked at previous researches on information systems audit, especially on security audit. Based on this survey, we have come up with solutions to improve the evaluation efficiency on security audit. We have merged the security audit guidelines of NCA and KISA, and developed a quantified evaluation scheme. We have proved the validity of this model by interviews with experts and by case studies.

• The Journal of Asian Finance, Economics and Business
• /
• 제8권5호
• /
• pp.151-156
• /
• 2021

This paper empirically examines the relationship between one of the major corporate governance attributes; family ownership and the audit committee activity across a sample of 430 publicly traded firms on the Saudi Stock Exchange (Tadawul) for the period 2012-2019. Using the Pooled OLS regression, this study finds that family ownership is negatively associated with audit committee activity. This study reported that family ownership is negatively associated with audit committee activity, giving support to the convergence-of-interest hypothesis. Therefore, the existence of family ownership as a monitoring corporate governance mechanism substitutes the audit committee activity as another monitoring mechanism. This study provides empirical evidence on the associations of two internal corporate governance mechanisms, namely; family ownership and audit committee activity in the Saudi context where there is a paucity of research in this area. The findings of this study provide a new understanding regarding the extent to which family ownership impacts the activity of audit committees in manufacturing companies. Similarly, the companies' management, external auditors, bankers, and companies would also benefit from understanding the influential factors of the audit committee activities.

• 대한설비공학회:학술대회논문집
• /
• 대한설비공학회 2008년도 동계학술발표대회 논문집
• /
• pp.505-510
• /
• 2008

Improving energy efficiency is the important thing of energy saving strategies that was shown up result of IEA meeting and the G8 Summit. Energy audit was started in 2006 that Korea government policy for improving energy efficiency. Who used over 2,000toe/yr(tons of oil equivalent per year) energy consumption has to perform energy audit program of obligation every five years with auditing company. HANMI C&E as a company authorized by Government has diagnosed various type building. This case studies are chosen to best practices by KEMCO. This studies present efficient recommendation methods for improving system performance.

• 한국지능정보시스템학회:학술대회논문집
• /
• 한국지능정보시스템학회 2003년도 춘계학술대회
• /
• pp.338-346
• /
• 2003

Information Technology (IT) and the internet have been major drivers the changes in all aspects of the business processes and activities. They have brought major changes to the financial statements audit environment as well, which in turn has required modifications in audit procedures. There exist, however, certain difficulties with current audit procedures especially for the assessment of the level of control risk. This assessment is primarily based on the auditors' professional judgment and experiences, not based on the objective hies or criteria. To overcome these difficulties, this paper proposes a prototype decision support model named CRAS-CBR using case based reasoning (CBR) to support auditors in making their professional judgment on the assessment of the level of control risk of the general accounting system in the manufacturing industry. To validate the performance, we compare our proposed model with benchmark performances in terms of classification accuracy for the level of control risk. Our experimental results showed CRAS-CBR outperforms a statistical model (MDA) and staff auditor performance in average hit ratio.