• 한국IT서비스학회지
• /
• 제5권3호
• /
• pp.121-135
• /
• 2006

With the growth and maturation of IT industry, the necessity of audit about development, maintenance and management of high-quality information system is gradually increasing. In addition, the necessity of inner auditing system, which could totally verify and evaluate the effectiveness of project according to the characteristics of organization conducting information-oriented business, also being proposed. Government offices including Korea Institute of Science and Technology(KISTI) collectively controlling nationwide science-technology related information have no guiding principle or organization within themselves even though performing information-oriented businesses are becoming more bigger and complicated. In this paper, we propose scheme for devising framework, which can audit construction and operation of knowledge information, check list and guideline. In addition, we present concrete ways for adapting these schemes to institutes which manage science-technology knowledge information. Audit framework consists of points of time in audit, audit domain and audit criterion. Points of time in audit are defined as three phases as followings: pre-audit, in-progress audit and post-audit. Audit domain includes 16 detail audit domains and especially we set 11 check items and 40 detail investigation items for database implementation business. We expect that management level of science-technology implementation business of organizations using this research result will increase and they could offer high-quality information service.

• 한국IT서비스학회지
• /
• 제11권2호
• /
• pp.197-211
• /
• 2012

This paper describes how to derive audit criterion, audit domain, detail technology, and functional check items which are core of hospital information system, consisting of OCS, EMR, and PACS. Using the check items listed above, we investigated the objective validity for the construction audit of hospital information system. As a result, the derived audit criterion, audit domain, detail technology, and functional check items were verified as check items for audit. Since using the current audit check items of public area is insufficient to construct efficient, reliable, and stable hospital information system, we suggest adopting the hospital information system audit area, audit check items, and process that are presented in this paper.

• 한국IT서비스학회지
• /
• 제4권2호
• /
• pp.23-32
• /
• 2005

Information system audit of Korea is different from that of the United States of America, Japan and so on. Information system audit improves the quality of information system. Information system audit of Korea carried out administrative branches. Recently Public sides required ordinary audit frequently. The reason is that the risk of information system project has increased. Examined closely relation between audit quality and audit style such as ordinary audit, fixed period audit, residence audit, and responsibility audit. And, wished to examine closely relation between audit quality and customer satisfaction. As research result, being effect factor that audit style keeps in mind in audit quality, also, audit quality in audit satisfaction, and was proved that exert effect that ordinary audit, report to the responsibility audit or sense of responsibility state keeps in mind in audit satisfaction.

• 한국IT서비스학회지
• /
• 제8권4호
• /
• pp.87-101
• /
• 2009

The current information system audit merely inspects a web based information system by focusing on checking items that are extracted from structured and information engineering model and object-oriented component model. As a result, the checking item of web contents and design is inadequate. This paper aims to extract audit framework in order to strengthen the audit of web contents and design during the development of the web based information system and to suggest checking items based on audit framework. For this, the web development process and web site evaluation model were studied, compared, and analyzed with the current information system development audit. From a result of the survey, it was found that the adequacy of the suggested audit framework and audit checking items is above the average value. It is believed that the suggested audit framework is helpful for the audit of web based information system.

• 한국IT서비스학회지
• /
• 제11권2호
• /
• pp.213-228
• /
• 2012

The construction of the Geographical Information System(GIS) is continuously in progress, and with the diversification and complication of the system, the importance of its audit is further deepened. At this point in time, the information system audit has been obligatory as it has been stipulated in law, and the GIS audit has come to follow the criterion of the information system audit since it belongs to the information system audit category. However, it was found that there was a difference between the current information system audit standard and the former GIS audit standard, and the audit checking items for the efficient GIS audit is necessary. For this reason, this paper surveyed the characteristics of GIS in accordance with this necessity, analyzed the GIS audit checking items found in the audit performance guideline of the GIS audit standard, and studied the GIS development methodology through the related literature. In addition, this paper also elicited and proposed the audit checking items for the efficient GIS audit based on the findings of this paper. Finally, this paper confirmed the efficiency of the GIS audit checking items proposed here through the comparison of the actual cases of GIS audits.

• 한국IT서비스학회지
• /
• 제15권1호
• /
• pp.113-129
• /
• 2016

Recently, as Information System projects tend to be more complex, the importance of Information System Audit increases. In the same context, the need for the resident IS Audit also increases, which is supposed to deal with the possible risks and urgent issues by providing the appropriate support and timely coordination during IS project. Basically, for the effective IS Audit, the IS audit team members should be able to understand such a business context as work characteristics, business knowledge, goals, and culture of the organization. The audit team members should also be able to share the various knowledge of Information Technology and audit procedure with the owner of the project. Especially, for the resident audit, it is more important to fill the gaps in expertise between project owner and audit team. However, any studies on the need of common knowledge base (knowledge complementarities) in the IS audit have not been done so far. The purpose of this study is to analyze whether the knowledge complementarity based on inter-organizational communication between the project owner and audit team members makes an effect on the fidelity and performance of IS audit. In order to do this, the relationship among inter-organizational communication and knowledge complementarity, the fidelity of IS audit service, and performance of IS audit has been analyzed, using Structural Equation Model. The result shows that all the relationship is significant, which means that knowledge complementarity between the two different interest groups should be an effective factor on the fidelity and performance of IS audit. This result implies that, for better quality of IS Audit service, how to acquire the knowledge complementarity between the project owner and Audit team should be considered seriously as well as systematically in the process of IS Audit.

• 한국항행학회논문지
• /
• 제18권6호
• /
• pp.609-618
• /
• 2014

정보시스템 감리는 정보시스템의 구축과 운영에 관한 제반 사항을 종합적으로 점검하여 문제점을 파악하고 해결 방안을 제시함으로써, 정보시스템 감리에 대한 기대는 정보시스템의 품질 향상과 프로젝트 성과로 나타내기 위해서는 객관적인 증거에 기초한 감리의견 도출이 중요하다. 이 연구는 정보기술수용 모형을 감리분야에 적용하여 감리자동화 기술에 대한 사용자의 유용성과 사용용이성에 대한 인식 수준과 활용의 관계를 분석 및 예측하는 것을 주요 내용으로 한다. 정보시스템 감리와 기술수용모형에 관련된 선행연구를 검토하여 연구모형과 가설에 반영하였다. 감리이해당사자의 설문을 통해 모형과 가설을 검증한 결과, 감리분야에서도 정보기술에 대한 사용자의 인식수준과 활용정도에 정(+)의 상관관계가 있는 것을 확인하였다. 이 연구는 감리 분야에도 기술수용모델을 적용하여 기술의 활용 현상을 설명하고 예측할 수 있음을 실증적으로 확인하였고, 분석 과정에서 감리 분야에 나타나는 몇가지 특징을 식별함으로써 정보기술과 감리에 대한 이론적 기반을 넓히는 데 기여하였다.

• 한국IT서비스학회지
• /
• 제11권4호
• /
• pp.107-121
• /
• 2012

The core infra-technology in the ubiquitous era, RFID which has taken action from the public institution with the pilot projects as well as the practical projects is gradually extending its spectrum to the private enterprises. Along with its expansion, the audit required on the RFID-based information system is also growing in the industry. Especially, since RFID-based information systems, especially compared to other information systems, are likely to be exposed to many threats, the security audit for them is being emphasized. This paper suggests security audit checking items for the RFID-based information system, which can be used to perform the efficient security audit. The security audit checking items consist of eight basic checking items, each of which consists of detailed review items and can be applied for each building steps of the system(analysis, design, implementation, testing, and development). Finally, this paper confirmed the efficiency of the security audit checking items proposed in this paper through survey by the experienced auditors and analysis of practical audit cases.

• Journal of Information Technology Applications and Management
• /
• 제25권3호
• /
• pp.29-41
• /
• 2018

The purpose of constructing university information system is for improvement in diversification and throughput of information, streamlines business processes, rapid exchange of information, sharing of information, decision-making information, and securing educational facilities. Similar to business information technology system, university information system does not have a review system for sharing and overlapping investment of information. Due to the lack of project management for outsourcing and vulnerability of system suitability, system audit is absolutely needed for the university information system. This paper especially focuses on an operational phase in the audit of university information system. Additionally, we proposed operating model and checklists of the university information system based on Management Guidelines of ITIL V3 Operational and Information System. We derived the checklists of operation audit by each domain of service strategy, service design, service transition, service operation, and continual service improvement. As the result, this study appear to have more than average satisfaction the suitability results were.

• 한국산학기술학회논문지
• /
• 제16권2호
• /
• pp.1403-1413
• /
• 2015

정보시스템 감리는 정보시스템의 구축과 운영에 관한 제반 사항을 종합적으로 점검하여 문제점을 파악하고 해결방안을 제시함으로써, 정보시스템의 품질 향상과 프로젝트 성과 제고에 기여해야 한다. 그러나 현실은 감리가 지나치게 주관적인 의견에 치우치고 있다. 이 연구는 정보기술수용 모형(TAM)을 감리분야에 적용하여 감리자동화 기술에 대한 유용성과 사용 용이성에 대한 인식수준을 측정하고, 이를 토대로 감리기술(도구)에 대해 이해당사자의 인식과 활용의 관계를 분석하는 것을 주요 내용으로 한다. 가설검증 결과 감리분야에서도 정보기술에 대한 사용자의 인식수준과 활용정도에 정(+)의 상관관계가 있는 것을 확인하였다. 이 연구는 감리 분야에도 TAM을 적용하여 기술의 활용 현상을 설명하고 예측할 수 있고, 실증적 연구를 통해 감리인, 발주자 및 사업자가 인식하는 수준은 감리계획 단계와 시정조치확인 단계는 유사하게 나타난 반면, 감리수행활동 단계와 감리결과검토 단계는 서로 차이를 보이고 있으며, 유용성 및 사용의도와 활용에서 선호하는 감리기술을 확인할 수 있었다.