• Journal of Korea Spatial Information System Society
• /
• v.2 no.2 s.4
• /
• pp.5-23
• /
• 2000

Since 1995, national and local governments have competitively initiated many and large GIS projects and audit for the projects becomes an important issue. So far, the audit in the Information Technology(IT) area has tried to deal with the issue but ineffectiveness has been found for the successful GIS project management. Effective auditing is a critical element for the project management. In order to establish a proper audit model for the GIS projects and to promote auditing activities in the projects, this study constructs two hypotheses and tries to prove them. The hypotheses are as follows : 1) For a good audits model for GIS, unique characteristics of a GIS project audit items and the scope of the audit need to be identified. 2) The scope of audit needs to be classified according to the requests from tasks in the projects. To prove the hypotheses, this study analyzes positive aspects of audit in IT and construction projects, clarifies the audit items in GIS projects by comparing with them, and classifies the scope of the GIS audit based on various types of GIS projects. As a results, 5 types of the GIS audit are identified : (1) audit for project management, (2) audit focused on IT, (3) audit characterized by GIS technologies, (4) GIS database audit and (5) consulting services for critical problems in the projects. In addition, 4 criteria in classifying the GIS projects are suggested for the GIS audit. The 4 criteria are domain, scope, duration, and GIS applications technologies. Especially, GIS technology considered in this study includes GIS software, methodologies for GIS development, GIS database and quality control of GIS data, which are not usually reflected in the existing studies about in GIS audit. Because the GIS audit depends on a type of GIS projects, scopes of the audit can be flexibly reconstructed in accordance with the types of GIS projects. This is a key to effective and realistic audit for the future GIS projects. Strategies for effective GIS audit are also proposed in terms of the following: GIS project management, goal establishment in each audit stage, documentation from GIS audit, timing strategies for intensive GIS audit, and designing team structure.

• Journal of Information Technology Services
• /
• v.12 no.4
• /
• pp.219-234
• /
• 2013

We introduced a framework of information systems audit methodology and applied to IS projects based on RFID/USN in six public organizations in South Korea. An analysis of five IS implementation projects shows the iterative technical specific risks are disclosed. The key 14 risk factors categorized into 4 classifications (Project Management, application, database, system architecture) which are based on the established IT audit framework in order to extend to the technology (RFID/USN) specific framework and apply to the other case as well. The implications of these findings for audit research and practice are discussed.

• KIPS Transactions on Software and Data Engineering
• /
• v.8 no.5
• /
• pp.179-186
• /
• 2019

Information system audit, which provides effective diagnosis and inspection of IT governance, is applied to all aspects from planning to development and operation. However, there is a difficulty in carrying out the audit because the system for the specialized university IT project is not developed. Therefore, it is necessary to set the internal system as the audit-based application framework in order to apply it to university IT governance. In this paper, we propose a audit-based application framework of university information system developed for university. The framework has a difference from the existing audit system. By using this framework, it is possible to present a standard for the university IT project and easily approach and use it in the field. And it can be used for direct audit through this framework in the level of the auditor as well as the HQ admin. The framework categorizes the audit into three major dimensions and suggests a method that can be applied to the university information system audit through the UAFP(University Audit Framework Process) and quality assurance.

• Journal of Software Engineering Society
• /
• v.29 no.2
• /
• pp.7-12
• /
• 2020

A project to establish an information system with a project cost of more than 500 million won at a local public firm is subject to the Information System Audit (hereinafter referred to as IS Audit), and the IS Auditor shall conduct audit according to the audit criteria. Recently, as blockchain technology has been applied to various fields such as manufacturing, healthcare, distribution, and public sectors beyond the financial industry, the development of systems that apply blockchain technology is increasing. The use of Hyperledger Fabric, a private blockchain, is on the rise to utilize blockchain technology in public firms and private firms. However, the newly emerging blockchain-based system is not sufficient to carry out auditing with existing audit check items, so it has no choice but to make and use audit items individually. Therefore, a need for verified audit items for systems that base on blockchain technology has emerged. In this study, we customized the Delphi process to derive audit items suitable for the system development project using the blockchain technology, and verified the completeness and accuracy of the audit items derived through a survey by the IS Auditor. This research will be of direct help to the IS Auditor, and it is expected that operators and organizers who provide services through the blockchain-based system will also contribute to improving the quality of the system.

• Korean Management Science Review
• /
• v.34 no.2
• /
• pp.115-123
• /
• 2017

IS audit has been regarded as contributing to the improvement of the quality of information Systems, recently, it has been argued that it is not possible to expect a effectiveness, because it can offset the schedule burden due to the preparation of additional documents for Audit and it affect to the project schedule. The effectiveness and quality criteria of IS audit are different between groups, because IS audit is responsible for checking the results and process of the developer company. In this study, we modeled between IS effectiveness and auditor competence, audit firm competence, IS audit standards. As a result, it was concluded that auditor competence, audit firm competence, IS audit standards have a positive effect on IS audit effectiveness. However, according to the result of comparing between interest groups, audit firm competence and audit standards were significant in auditor group, but audit standard was significant in requesting organization and developing company thought that auditor was a important factor to audit effectiveness.

• Journal of Information Technology Services
• /
• v.5 no.3
• /
• pp.121-135
• /
• 2006

With the growth and maturation of IT industry, the necessity of audit about development, maintenance and management of high-quality information system is gradually increasing. In addition, the necessity of inner auditing system, which could totally verify and evaluate the effectiveness of project according to the characteristics of organization conducting information-oriented business, also being proposed. Government offices including Korea Institute of Science and Technology(KISTI) collectively controlling nationwide science-technology related information have no guiding principle or organization within themselves even though performing information-oriented businesses are becoming more bigger and complicated. In this paper, we propose scheme for devising framework, which can audit construction and operation of knowledge information, check list and guideline. In addition, we present concrete ways for adapting these schemes to institutes which manage science-technology knowledge information. Audit framework consists of points of time in audit, audit domain and audit criterion. Points of time in audit are defined as three phases as followings: pre-audit, in-progress audit and post-audit. Audit domain includes 16 detail audit domains and especially we set 11 check items and 40 detail investigation items for database implementation business. We expect that management level of science-technology implementation business of organizations using this research result will increase and they could offer high-quality information service.

• Journal of Korean Society for Quality Management
• /
• v.46 no.1
• /
• pp.113-134
• /
• 2018

Purpose: The purpose of this study was to clarify the causal relationship and correlation between audit quality and audit performance and to analyze theoretical discussions and actual facts in order to improve audit performance on public enterprise audit and to identify what factors contribute to management and to seek ways to secure business performance. Methods: In this study, theoretical consideration was conducted that concerned the definition of audit, the concept of internal audit, the audit quality and the audit performance after having considered advanced researches, related regulations, and literatures. Through the foundation of such theoretical consideration, the components of the audit quality were deducted and each component's impact on the audit performance was empirically proven. The collected data through the survey were analyzed using multi-regression analysis. The measurement tools used for this study were divided into three dimensions such as internal quality, interaction quality and environmental quality. Result: First remark, out of the various components of the audit quality, independence, professionalism, and empathy appear to positively impact the audit degree of satisfaction. However, the measure of sufficiency is shown to bear no correlation to the audit degree of satisfaction. Second, out of the various components of the audit quality, professionalism, sufficiency, and empathy appear to positively impact the audit degree of applicability. However, the measure of independence is shown to bear no correlation to the audit degree of applicability. Third, audit quality appears to positively impact the audit degree of satisfaction and applicability, and also the performance of management. Concusion: It appears that the audit quality positively impacts the audit degree of satisfaction, applicability and management performance indicated by the audit performance.

• Journal of Service Research and Studies
• /
• v.7 no.3
• /
• pp.21-36
• /
• 2017

Recently in information business, managing and auditing are getting more difficult because of enlargement, intellectualization and convergence. In addition, ordering organizations have been having a difficult time choosing a service because not only there is a huge overlap between information audit system and PMO but also the work boundaries of those two are not clear enough. As the demand that a business managing and auditing frame work need to be more developed in terms of independence, quality, economic feasibility and responsibility has been increased, the Korea Association Of Information Systems Audit has been attempting to improve business management and audit system by proposing Unified Project Management Framework whose process is approximately constructed. This study introduces Unified Project Management Framework which is all-encompassing from the ordering at the very beginning of business to the operating in the post-processing step and then verifies its work scope through a comparative analysis with existing management systems. Also, this thesis examines the necessity of unification of audit system and PMO by analysing existing similar systems. At the end, this study, analyses the suitability of Unified Project Management Framework by evaluating it with IT goal frame of COBIT5 which is constructed based on BSC performance management index. The result of the analysis is expected to help people in charge understanding the features of Unified Project Management Framework before they apply it to practical business.

• International Journal of Advanced Culture Technology
• /
• v.9 no.1
• /
• pp.210-217
• /
• 2021

In the case of an agile-based project, it was inadequate to perform a comprehensive inspection and evaluation on the establishment and operation of an information system by performing audit only with the audit and inspection elements provided by the existing information system audit and inspection system. In particular, in the case of the test activity area, it was necessary to improve the test activity audit check items to comprehensively check the agile-based development process by applying the existing audit system. To this end, a test activity improvement check model of the agile methodology audit model was presented by applying the repetition concept, a characteristic of the agile methodology. In order to empirically verify the model of this study, a survey was conducted for auditors and designers/developers who have experience in performing agile-based projects and auditing information systems. As a result of the questionnaire on the integrated test and system test in the test stage, more than 70% of the respondents were found to be suitable. More than 80% of the respondents judged that it was appropriate as a result of the questionnaire on "improvement and regression test progress according to integrated test and system test results" and "integrated test and functional actions of components and subsystems".

• Journal of Information Technology Applications and Management
• /
• v.25 no.3
• /
• pp.29-41
• /
• 2018

The purpose of constructing university information system is for improvement in diversification and throughput of information, streamlines business processes, rapid exchange of information, sharing of information, decision-making information, and securing educational facilities. Similar to business information technology system, university information system does not have a review system for sharing and overlapping investment of information. Due to the lack of project management for outsourcing and vulnerability of system suitability, system audit is absolutely needed for the university information system. This paper especially focuses on an operational phase in the audit of university information system. Additionally, we proposed operating model and checklists of the university information system based on Management Guidelines of ITIL V3 Operational and Information System. We derived the checklists of operation audit by each domain of service strategy, service design, service transition, service operation, and continual service improvement. As the result, this study appear to have more than average satisfaction the suitability results were.