• Title/Summary/Keyword: audit framework

Search Result 47, Processing Time 0.025 seconds

IS Audit Framework based on Enterprise Architecture (EA 기반의 정보시스템 감리 프레임웤 개발)

  • Ahn, Tony Dong-Hui
    • 한국IT서비스학회:학술대회논문집
    • /
    • 2003.11a
    • /
    • pp.413-423
    • /
    • 2003
  • 1980년대 후반 국내에 정보시스템 감리 제도가 도입된 이래 그 효과성이 가시적으로 입증됨으로써 감리의 필요성에 대한 인식이 높아지고 있고, 공공기관 뿐만 아니라 민간기업에서도 감리를 시행하는 사례가 늘어가고 있다. 그러나 정보시스템 구축 프로세스에 근본적인 개선이 이루어 지지 않는 한, 감리만으로는 정보시스템 구축 프로세스나 구축된 시스템의 품질향상에는 한계가 있기 마련이다. 이 연구는, 기존의 정보시스템 프로세스의 문제점을 개선하고, 전사적인 정보화활동 관리가 가능하도록 지원하는 엔터프라이즈 아키텍쳐(EA)의 특징을 정리하고, EA에 기반한 감리프레임웤을 제시하였다 EA기반의 감리 프레임웤은 조직의 정보기술 활동이 경영전략과 업무 프로세스와 연계되도록 평가, 권고, 조정할 수 있는 유용한 수단을 제공할 수 있을 것으로 판단된다.

  • PDF

An Integrated IT Audit Framework for U-City Projects (u-City사업을 위한 IT통합감리점검 프레임워크)

  • Kwon, H.Y.;Lee, D.H.;Choe, S.H.;Hwang, I.S.;Lee, B.M.
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2010.11a
    • /
    • pp.315-317
    • /
    • 2010
  • 본 논문에서는 u-City 감리를 위한 정보시스템감리와 정보통신공사감리의 통합된 감리점검프레임워크를 제시하였다. 이를 위하여 먼저 u-City 감리점검프레임워크의 요구사항을 정리하였으며, 기존의 정보시스템 감리점검 프레임워크와 정보통신감리 프레임워크를 간략히 소개한 후, u-City 감리를 위한 정보시스템감리와 정보통신공사감리의 통합된 감리점검 프레임워크를 제시하였다.

A Case Study on the Risk Management for the Long-term Preservation Business Activities Related to Electronic Records (전자기록 장기보존 위험관리 사례)

  • Yim, Jin-Hee
    • The Korean Journal of Archival Studies
    • /
    • no.39
    • /
    • pp.3-43
    • /
    • 2014
  • This paper showed results of the risk management project in detail which was conducted by National Archives of Korea(NAK) in 2010. In the project NAK examined its long-term preservation business of electronic records using DRAMBORA(Digital Repository Audit Method Based on Risk Assessment). NAK has defined 44 different risk elements related to its business activities, assessed and classified them into several grades according to the severity calculated by risk probability score and risk potential impact score, and developed precise management plans for two of the most serious risks. This paper introduced the management plan for one of them. The risk was numbered with NR04 and described by 'Loss of integrity of records information'. This paper explained mitigation strategies, contingency organization, disaster control responsibilities, and personal mission cards for the NR04. This paper planned to give comprehensive understandings to Records Management Organizations about the risk management approaches as an effective way for business management through the case study.

Study on improvement of information system audit (정보시스템 감리서비스 개선방안에 대한 연구)

  • Kyoo-Hyo Park;Rae-Chon Park;Chang-Gyu Yang
    • The Journal of the Convergence on Culture Technology
    • /
    • v.10 no.5
    • /
    • pp.609-617
    • /
    • 2024
  • Research on information system supervision services was mainly interested in supervision service standards or legislation, but this study identified the factors that ordering agencies consider important when introducing/advancing information systems and then looked at the information system from the ordering agency's perspective. According to the research results, (1) ordering organizations consider innovation factors the most important when introducing/advancing information systems, (2) organizational culture and the will of the CEO are still important factors, and (3) innovation factors are more important than technology factors. The results of this study indicate that the participation of information system supervision experts is required not only from the technical aspect of the constructed information system, but also from the organizational aspect of the ordering agency.

Development Process and Methods of Audit and Certification Toolkit for Trustworthy Digital Records Management Agency (신뢰성 있는 전자기록관리기관 감사인증도구 개발에 관한 연구)

  • Rieh, Hae-young;Kim, Ik-han;Yim, Jin-Hee;Shim, Sungbo;Jo, YoonSun;Kim, Hyojin;Woo, Hyunmin
    • The Korean Journal of Archival Studies
    • /
    • no.25
    • /
    • pp.3-46
    • /
    • 2010
  • Digital records management is one whole system in which many social and technical elements are interacting. To maintain the trustworthiness, the repository needs periodical audit and certification. Thus, individual electronic records management agency needs toolkit that can be used to self-evaluate their trustworthiness continuously, and self-assess their atmosphere and system to recognize deficiencies. The purpose of this study is development of self-certification toolkit for repositories, which synthesized and analysed such four international standard and best practices as OAIS Reference Model(ISO 14721), TRAC, DRAMBORA, and the assessment report conducted and published by TNA/UKDA, as well as MoRe2 and current national laws and standards. As this paper describes and demonstrate the development process and the framework of this self-certification toolkit, other electronic records management agencies could follow the process and develop their own toolkit reflecting their situation, and utilize the self-assessment results in-house. As a result of this research, 12 areas for assessment were set, which include (organizational) operation management, classification system and master data management, acquisition, registration and description, storage and preservation, disposal, services, providing finding aids, system management, access control and security, monitoring/audit trail/statistics, and risk management. In each 12 area, the process map or functional charts were drawn and business functions were analyzed, and 54 'evaluation criteria', consisted of main business functional unit in each area were drawn. Under each 'evaluation criteria', 208 'specific evaluation criteria', which supposed to be implementable, measurable, and provable for self-evaluation in each area, were drawn. The audit and certification toolkit developed by this research could be used by digital repositories to conduct periodical self-assessment of the organization, which would be used to supplement any found deficiencies and be used to reflect the organizational development strategy.

A Comparative Study on Hospital Accreditation Programme -United States of America, United Kingdom, Canada, Australia, Republic of Korea (주요 국가의 의료기관 신임제도 비교연구 - 미국, 영국, 캐나다, 호주, 한국을 중심으로 -)

  • Shin, Young-Soo;Lee, Sin-Ho;Kim, Su-Kyeong;Lee, Young-Sung
    • Quality Improvement in Health Care
    • /
    • v.1 no.1
    • /
    • pp.66-94
    • /
    • 1994
  • Hospital Accreditation Programme(HAP) has been introduced in many countries in the world for these recent years. This article reviews the HAP in the aspects of the organization, survey and evaluation process, evaluation criteria, and its impact to the hospital quality improvement. The nations included in this study are USA, UK, Canada, Australia, and Korea. To carry out this comparative study, the authors have reviewed articles and accreditation manuals having been issued in many countries. An expert panel of medical doctor, nurse, pharmacist, administrator, and specialist in health facilities formulated a study framework. The results of this study enhance understanding about hospital accreditation activities according to each nation's health care system. In recent years, the Korean government has launched the plan to improve the quality of health services by strengthening the hospital accreditation programme. This study results can provide useful information in development and implementation of the national hospital accreditation programme in Korea.

  • PDF

Practical Application of HACCP Concepts in Korea -Using the Canadian Food Safety Enhancement Program- (국내에서의 HACCP 개념의 실용화에 관한 연구 -캐나다 FSEP를 중심으로-)

  • ;Scott A. McEwen
    • Journal of Food Hygiene and Safety
    • /
    • v.14 no.1
    • /
    • pp.104-114
    • /
    • 1999
  • This study was conducted to find out the proper ways of implementation of Hazard Analysis Critical Control Point (HACCP) concepts applicable to the current Korean food inspection system. The following recommendations are based on an in-depth review of the Canadian Food Safety Enhancement Program (FSEP), which is one of the leading HACCP programs adapted to the food industry. Since 1997, the HACCP system has been voluntarily applied to meat processing plants in Korea in accordance with the Food Protection Law. But the guidelines are obscure and inadequate to expand to the diversity of food plants, and are therefore only applied to a limited number of plants of small scale enterprise. For these reasons, it is necessary to prepare an enhanced food safety control program focused not only on the HACCP plants but also on the non-HACCP plants. The national program should be the fundamental framework of a food safety control policy enforced by all the relevant authorities. The Prerequiste Program of Canadian Food Inspection Agency and Sanitation Standard Operating Procedures (SSOP) of FSIS are good example programs for the non-HACCP plants. These programs, which are a major part of the HACCP system, could easily be adapted to the Korean food industry. To improve the current HACCP implementation guideline, it is necessary to develop a detailed implementation manual, generic HACCP model, training program, and an audit program.

  • PDF

Configuration Management based Configuration File Version Integrity Auditing Framework (형상관리 기반 설정파일 버전 무결성 감사 프레임워크)

  • Kim, Seonjoo;Lee, Sukhoon;Baik, Doo-Kwon
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2012.11a
    • /
    • pp.1511-1514
    • /
    • 2012
  • 최근 기업에서 구축하는 IT 아키텍쳐가 점점 복잡해져 가는 환경변화에 따라 각 시스템 구성요소의 조건이나 특성을 저장하는 설정파일(Configuration file)의 중요성이 강조되고 있지만, 대부분의 형상관리시스템이 응응 소프트웨어를 중심으로 구성되어 설정파일의 특징을 반영한 활동에 한계를 갖고 있다. 또한 품질보증 목적으로 수행하는 형상감사 활동도 응용 소프트웨어를 대상으로 품질중심 감사 활동이 이루어지면서, 등록된 개별 소프트웨어 별로 변경통제와 버전관리가 이루어져 설정 파일이 포함되는 경우 버전 무결성 차원의 문제를 적발하지 못하는 문제가 있다. 이 논문에서는 추가적으로 필요한 감사활동 요구기능을 정의하고, 동일한 원본에서 배포된 설정파일들이 서로 버전이 다르게 관리 될 수 있는 문제를 감사(Audit)를 통해 탐지할 수 있는 버전 무결성 감사 프레임워크를 제시한다. 제안하는 프레임워크는 기존 형상관리 개념과 액티비티, 프로세스를 기반으로 감사기능을 보완한다. 이를 통해 기존 감사활동에 버전 무결성 검증을 수행하는 형상감사 기능이 포함되며, 이는 설정파일의 버전 차이에 의해 사전/사후 발생될 장애, 오동작 등의 문제 해결에 활용된다. 이 논문에서 제안 프레임워크의 검증을 위하여 웹 시스템 기반 자바환경으로 구현하였고, 현장 적용한 부분을 평가 함으로써 검증하였다.

Cloud-Based Accounting Adoption in Jordanian Financial Sector

  • ELDALABEEH, Abdel Rahman;AL-SHBAIL, Mohannad Obeid;ALMUIET, Mohammad Zayed;BANY BAKER, Mohammad;E'LEIMAT, Dheifallah
    • The Journal of Asian Finance, Economics and Business
    • /
    • v.8 no.2
    • /
    • pp.833-849
    • /
    • 2021
  • Cloud accounting represents a new area of accounting information systems. Past research has often focused on accounting information systems and its antecedents, rather than factors that adopt cloud accounting system. The purpose of this paper is to explain the factors that influence the adoption of cloud accounting in the financial sectors. This paper applied the technology acceptance model (TAM), technology-organization-environment, and the De Lone and Mc Lean model, coupled with proposed factors relevant to cloud accounting. The proposed model was empirically evaluated using survey data from 187 managers (financial managers, IT department managers, audit managers, heads of accounting departments, and head of internal control departments) in Jordanian bank branches. Based on the SEM results, top management support, organizational competency, service quality, system quality, perceived usefulness, and perceived ease of use had a positive relationship with the intention of using cloud accounting. Cloud accounting adoption positively affected cloud accounting usage. This paper contributes to a theoretical understanding of factors that activate the adoption of cloud accounting. For financial firms in general the results enable them to better develop cloud accounting framework. The paper verifies the factors that affect the adoption of cloud accounting and the proposed cloud accounting model.

The Impact of Business Intelligence on the Relationship Between Big Data Analytics and Financial Performance: An Empirical Study in Egypt

  • Mostafa Zaki, HUSSEIN;Samhi Abdelaty, DIFALLA;Hussein Abdelaal, SALEM
    • The Journal of Asian Finance, Economics and Business
    • /
    • v.10 no.2
    • /
    • pp.15-27
    • /
    • 2023
  • The purpose of this research is to investigate the impact of Business Intelligence (BI) on the relation between Big Data Analytics (BDA) and Financial Performance (FP), at the beginning we reviewed the academic accounting and finance literature to develop the theoretical framework of business intelligence, big data and financial performance in terms of definition, motivations and theories, then we conduct an empirical analysis based on questionnaire-base survey data collected. The researchers identified the study population in the joint-stock companies listed on the Egyptian Stock Exchange and operating in the sectors and activities related to modern technologies in information systems, big data analytics, and business intelligence, in addition to the auditing offices that review the financial reports of these companies, and The sector closest to the research objective is the communications, media, and information technology sector, where the survey list was distributed among the sample companies with (15) lists for each company, and (15) lists for each audit office, so that the total sample becomes (120) individuals (with a response rate 83.3%), The results show, First, Big data analytics significantly affect organizations' financial performance, second, Business intelligence mediates (partial) the relationship between big data analytics and financial performance.