• Journal of the Korea Society of Computer and Information
• /
• v.9 no.1
• /
• pp.79-86
• /
• 2004

In general, operating system is offering the security function of OS level to support several web services. However, it is true that security side of OS level is weak from many parts. Specially, it is needed to audit/trace function in security kernel level to satisfy security more than B2 level that define in TCSEC(Trusted Computer System Evaluation Criteria). So we need to create audit data at system call invocation for this, and do to create audit data of equal format about almost event and supply information to do traceback late. This Paper Proposes audit/trace system module that use LKM(Loadable Kernel Module) technique. It is applicable without alteration about existing linux kernel to ensure safe evidence. It offers interface that can utilize external audit data such as intrusion detection system, and also offers safe role based system that is divided system administrator and security administrator These data will going to utilize to computer forensics' data that legal confrontation is Possible.

• Journal of KIISE:Software and Applications
• /
• v.35 no.2
• /
• pp.105-117
• /
• 2008

Generally, project audit provides the service which accomplishes a project successfully by checking the management activity of information system project, indicating a controversial point and reflecting the improvement issues based on project audit check list. In addition, the projects are managed by using the project management maturity model based on process. However, the effect is not big as we except projects performance of real world. In this paper. to solve these problems, the project management maturity evaluation model which is connected with project audit check list and organizational maturity model survey items is designed. Thus, we propose the model which can improve the project performance through the project evaluation of customer's project and development part and the evaluation of organization level as we design that it is possible to not only audit the project but also evaluate it before and after the project.

• Informatization Policy
• /
• v.30 no.4
• /
• pp.3-39
• /
• 2023

With the growing importance of information/information system, information security is emphasized, and the significance of information security audit as a tool for maintaining the proper security level is increasing as well. The objectives of the study are to identify the overall research trends and to propose future research areas by analyzing domestic and overseas research in the area. To achieve the objectives, 103 research papers were analyzed based on both general and subject-related criteria. The following are the major research results : In terms of research approach, more empirical studies are needed; For subject "Auditor," studies to develop a framework for related variables (e.g., capability) are needed; For subject "Audit Activities/Procedures," future research should focus on the process/results of detailed audit activities; Future domestic research for "Audit Areas" should look for the new technology/industry/security areas covered by foreign studies; For "Audit Objective/Impact," studies to define the variables (e.g., performance and quality) systematically and comprehensively are needed; For "Audit Standard/Guidelines," research on model/guideline needs to be continued.

• Journal of Korean Society for Quality Management
• /
• v.29 no.4
• /
• pp.18-37
• /
• 2001

On this research, recognizing that ship inspection and audit services are closely related in Improving ship safety, the importance of active quality managements of ship inspection and audit services have been notified. For this research, based on previous research results, Quality managements of ship inspection and audit services were divided into the following aspects; the source of quality managements, execution of quality managements and outcome of quality managements. The results of this study is as follows. Overall, it is clearly shown that the elements of quality managements execution such as management responsibilities, resource management., product realization, measurement and analyzation, and improvement had also acted as a mediator between the relation of quality managements source and outcome.

• Asia pacific journal of information systems
• /
• v.5 no.1
• /
• pp.112-128
• /
• 1995

The information system control includes organizational structure, control mechanism, and management tools which contribute to accomplish the goals of information system: asset safeguarding, data integrity, effectiveness, and efficiency. Information system audit is the process to evaluate whether the information system accomplishs the goals. Information system auditor examine the reliability of information system control and suggest recommendations to improve the information system control. Both information system control and information system audit activities contribute to prevent and detect the computer crime for the organization. This paper proposes a causal model of information system control/audit and the perceived risk of computer crime, and tests the model using a survey on 38 financial institutions in Korea. Statistical results show that information system control and audit significantly reduce the computer crime risk perceived by the user group. The general control has a stronger impact than the application control. In addition, it turns out that the greater the deviation between the importance and the actual level of information system control is, the higher the perceived risk of computer crime is.

• Proceedings of the SAREK Conference
• /
• 2008.06a
• /
• pp.66-71
• /
• 2008

Energy audit was started in 2006 that Korea Government Policy for Energy saving. Who used over 2,000toe/yr(tons of oil equivalent) energy consumption has to perform Energy audit program of obligation every five years with auditing company. HANMI C&E as a company authorized by Government has diagnosed various type building. It shows four case studies of HVAC system in office building through Energy audit. This studies present efficient recommendation method for improving system performance.

• Proceedings of the Korean Institute of Navigation and Port Research Conference
• /
• 2013.06a
• /
• pp.515-517
• /
• 2013

We carried out the maritime safety audit for Sandal Water Bridge constructed between Geje-Do and Sandal-Do in 2015. To study as to whether can be secured the marine traffic safety for this area, this research investigated and performed the marine accident, marine traffic volume, the marine traffic flow simulation and shiphandling simulation. It is considered to be required the quantitative guidelines for maritime safety audit including audit target area and formal audit object etc.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.6
• /
• pp.277-285
• /
• 2016

This paper aimed at contributing to the improvement of objectivity and reliability of operating audit, quantitative audit result, being able to comparing with best practice and past operating status, through providing quantitative operation check sheet. Quantitative operation check sheet is comprised of thirteen basic check sheet area. The auditors evaluate the current operation status level with basis of basic check sheet area. It is hoped that this thesis on a quantitative operation check sheet for the Improvement of the operation Audit will become the basis for the applicaton and effectiveness of an operation audit that not only the improvement of the quality of information system audit but also usability of operation audit.

• Journal of the Korean Society of Safety
• /
• v.28 no.1
• /
• pp.40-46
• /
• 2013

In the chemical process industries, accidents have a high potential and large effects on catastrophic results. Therefore the safety management for accident prevention plays a crucial role to guarantee the process safety. For these reasons, many systematic methods for safety management system have been widely employed in the fields of chemical processes. PSM (Process safety management) is one of most representative methods. The audit system, which is one of PSM system components, evaluates the performance of PMS system. However, most existing safety audit systems are not systematic and these are performed based on knowledges and experiences of various specialist. Moreover, the safety audit is only performed based on each independent technical component. So, the results of safety audit are not a quantitative index but only a series of commentaries. Finally, it is very difficult to obtain the comparison with other plants or industries. In this study, the novel systematic method and index-based accident database of auditing safety management systems for quantitative assessment are proposed. First, the elements of safety audit replace technical methods to categories of accident database. The F-N curve of each category for accident database is employed to derive the index for quantitative assessment. The Accidental Factor Risk Index (AFRI) is suggested for evaluating the effect of each element in accident database and safety audit system. The safety audit can be modified according to the proposed index.

• Journal of Integrative Natural Science
• /
• v.14 no.4
• /
• pp.205-210
• /
• 2021

최근 메타버스 산업체 pc 하드디스크 메모리 저장 데이타에 대한 사이버 침해 공격 및 기밀유출 사고대응 방안으로 원격기반 상시 실시간 감시 및 분석 보안 체계를 검토 및 발전 시 요구된다. 이러한 사유는 정보보안 유출 90% 이상은 Edge단 pc에서 발생 되는 것으로 메타버스 산업보안기밀 유출 1건당 평균 10억 2,000만원 등의 유형 및 무형 피해(2018보안과 관련된 가장 중요한 팩트와 수치통계 2018.10.16일 IT WORLD) 발생의 근본에 대한 대응과 동시에 IT인프라 구축 시 연동 통합으로 네트웍 시스템 웹 등 영역에서 발생되는 악성코드 공격 대상 등의 대상이 되므로 이에 대한 대응책으로 Deep-Acess기반 상시 실시간 원격 메모리 분석 및 감사(audit)체계 개념이 핵심이다.