• Smart Media Journal
• /
• v.11 no.6
• /
• pp.51-63
• /
• 2022

Metaverse provides a simulated environment where a large number of users can participate in various activities. In order for Metaverse to be sustainable, it is necessary to study ethics that can be applied to a Metaverse service platform. In this paper, Metaverse ethics and the rules for applying to the platform are explored. And, in order to judge the ethicality of avatar actions in social Metaverse, the identity, interaction, and relationship of an avatar are investigated. Then, an action-based audit approach to avatar interactions (e.g., dialogues, gestures, facial expressions) is introduced in two cases that an avatar enters a digital world and that an avatar requests the auditing to subjects, e.g., avatars controlled by human users, artificial intelligence (AI) avatars (e.g., as conversational bots), and virtual objects. Pseudocodes for performing the two cases in a system are presented and they are examined based on the description of the avatars' actions.

• Journal of Information Technology Services
• /
• v.11 no.4
• /
• pp.107-121
• /
• 2012

The core infra-technology in the ubiquitous era, RFID which has taken action from the public institution with the pilot projects as well as the practical projects is gradually extending its spectrum to the private enterprises. Along with its expansion, the audit required on the RFID-based information system is also growing in the industry. Especially, since RFID-based information systems, especially compared to other information systems, are likely to be exposed to many threats, the security audit for them is being emphasized. This paper suggests security audit checking items for the RFID-based information system, which can be used to perform the efficient security audit. The security audit checking items consist of eight basic checking items, each of which consists of detailed review items and can be applied for each building steps of the system(analysis, design, implementation, testing, and development). Finally, this paper confirmed the efficiency of the security audit checking items proposed in this paper through survey by the experienced auditors and analysis of practical audit cases.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.16 no.2
• /
• pp.1403-1413
• /
• 2015

An information System Audit by the recognition of a problem and suggestions for solutions for overall matters about constructing and managing information systems is needed in order to contribute to the improvement of an information system's quality and improving the performance of projects. In reality, however, the general cognition is that audit is biased by subjective opinions. For this, an auditor needs to measure the level of recognition of the usability and convenience of the technologies of automating audit by applying TAM in the information system audit, and to analyze the relationship with recognition and availability of the interested parties for the technology (tool) of the audit. By the hypothesis verification result, an auditor needs to present objective corroborative facts that back up the level of recognition and usability for the information technology in the field of audit. This study verified that the phenomenon of technology application can be explained and predicted by applying TAM in the field of audit. Through an empirical study of the recognition level of audit and contractor, the developer suggests that the audit plan stage is similar to the audit corrective action stage, but the audit action stage is different from the audit review stage. This research can verify the audit technology preferred for the availability and intention of use and usability.

• Journal of Digital Convergence
• /
• v.10 no.5
• /
• pp.251-266
• /
• 2012

Location Information is an information about a place where an individual exists or had existed. As smart phones are popularized, location information becomes more than simple information about the place. As a result, services using an individual's location information became the trend. However, problems arising from discharging Private Information can damage an individual, because it causes financial and economic loss but also detects individual's location and route directly. In realities, the guide that regulates Location Based Service for administering Private Location Information is insufficient. Therefore, this paper proposes check items, which contain standards of judicial action, financial loss ratings, importance of Private Location Information, and criticality of check lists, during the Private Location Information audit at the level of analysis, design, and management of the Information System, in order to prevent the infringement and disclosure of the Private Location Information. Moreover, the proposed check items were verified for its suitability by the professionals' survey.

• Journal of Korean Society for Quality Management
• /
• v.11 no.2
• /
• pp.25-31
• /
• 1983

Often arrangement for effective product assessment and audit have not been completely satisfactory. The underlying reasons are: (a) The lack of early evidence of new unit quality. (b) The collection and processing of data. (c) Ineffective data analysis techniques. (d) The variability of information on which decision making is based. Because of the nature of the product the essential outputs from an affective QA organization would be: (a) Confirmation of new unit quality. (b) Detection of failures which are either epidemic or slowly degradatory. (c) Identification of failure cases. (d) Provision of management information at the right time to effect the necessary corrective action. The heart of an effective QA scheme is the acquisition and processing of data. With the advent of data processing for quality monitoring becomes feasible in an automotive testing environment. This paper shows how the method enables us to use Automotive Testing data for the cost benefits of QA management.

• Journal of Information Processing Systems
• /
• v.17 no.4
• /
• pp.772-786
• /
• 2021

The process of tracking suspicious behavior manually on a system and gathering evidence are labor-intensive, variable, and experience-dependent. The system logs are the most important sources for evidences in this process. However, in the Microsoft Windows operating system, the action events are irregular and the log structure is difficult to audit. In this paper, we propose a model that overcomes these problems and efficiently analyzes Microsoft Windows logs. The proposed model extracts lists of both common and key events from the Microsoft Windows logs to determine detailed actions. In addition, we show an approach based on the proposed model applied to track illegal file access. The proposed approach employs three-step tracking templates using Elastic Stack as well as key-event, common-event lists and identify event lists, which enables visualization of the data for analysis. Using the three-step model, analysts can adjust the depth of their analysis.

• International Commerce and Information Review
• /
• v.11 no.4
• /
• pp.289-312
• /
• 2009

Under the circumstance of increasing international trade volumes and limitation of customs human resources, it is necessary to shift the customs' revenue collection activities and audit method from a transaction-based approach to an account-based approach. Thus, in 1997, U.S. Customs services established the Account Management Program. The Account Management Program is designed to increase importer compliance and improve customer service through one-on-one interaction with business entities and a designated Customs representative(Account Manager). The Account Management Program is a comprehensive process that includes the following stages and activities ; selection of a potential Account, establishment of the Account, management of the Account. In 2009, Korea Customs service introduced and executed the Account Management Program. But owing to its early stages, Korea Customs service does not suggest effective direction of development of the AM program. So I can propose the following improvements of the Account Management Program in Korea. Firstly, the Account Managers have to be assigned more traders than AEOs(Authorized Economic Operators). Secondly, it is necessary that Customs service appoints part-time port Account Managers to help more traders to improve customs compliance. Thirdly, thought should be given as to Account can be expanded to encompass both small and medium enterprises(SME) by providing customs brokers managing their customs business on the behalf of the SME with the Account Managers. Lastly, Customs service has to establish performance measures and action plan for the Account Management Program.

• Journal of Korean Society of Industrial and Systems Engineering
• /
• v.24 no.68
• /
• pp.85-94
• /
• 2001

Most of customers want to know how to develop the computer system they want to get to use according to the their requirements. This study presents a Computer Integration management System for Quality (CISQ) model for system-integration organizations, which need to demonstrate their capability to consistently provide computer integrated system that meets customer satisfaction and applicable regulatory requirements. The Plan.Do.Check.Act(PDCA) cycle called by Doming wheel expresses the basic concept of continuous improvement action in order to emphasize on achieving business goal. It is useful for providing full competence of a system-integration organization to integrate management systems based on the international management system, and to take an advantage in its market. This study specifies International Certification Network Business Excellence Concept(IBEC) approach to ensure a harmonized integration of the variety of management systems and thereby produce synergy effect. The end part of this study specifies a Assessment Model including an assessment concept adding to the compliance audit according to the CISQ for the continuous improvement. A simple application on Failure Modes and Effects Analysis(FMEA) in testing phase in project life cycle has been done.

• Journal of Korean Society of Occupational and Environmental Hygiene
• /
• v.29 no.3
• /
• pp.298-309
• /
• 2019

Objectives: This study aimed to investigate stages of safety and health culture change through a reflection on 40 years of hearing conservation history at a multinational company. Methods: The target workplaces were multinational companies with more than 1,000 employees. The research used the clinical case study and system analysis methods based on direct observation of the research from 1994 to 2009. The latter method performed an analysis of the equilibrium state of the cross-section in the given period and the longitudinal profile of the change during the given period. Results: The stages of cultural change are divided into five stages and summarized as follows. In the first stage, workplace noise was not widely recognized as a hazard, while in the second stage, the measurement of noise levels and audiometric testing were conducted under the Korean Occupational Safety and Health Act (KOSHA). The driving force for change in the second stage was the amendment of the KOSHA. In the third stage, noise came to be recognized as a hazard factor through awareness training. The driving force of change during the third stage was the strong executive power exerted by the audit of the industrial hygiene program from the US head office. In the fourth step, there was a change to actually reduce noise. The driving force in this stage was a change in company executives' risk perception resulting from lawsuits over noise-induced hearing loss and the task force team activities for culture change based on the action learning protocol. At the fifth stage, a 'buy quiet policy' was institutionalized. The management's experience that noise reduction was difficult was the motivation to manage noise from the time of purchase of equipment. Conclusions: The activities of a hearing conservation program are determined by the improvement of the legal system and by the way it is enforced. Noise control activities to reduce noise areas may be possible through the shared risk perception of noise-induced hearing loss and by a change agent role as a facilitator to implement noise control.