A Scientific Method of Information System Audit (과학적 정보시스템감리 방법)

DongIk Shin (신동익)

A Scientific Method of Information System Audit

Informatization Policy
Abbr : 정보화정책
2008, 15(2), pp.3-24
Publisher : NIA
Research Area : Social Science > Public Policy

DongIk Shin ¹

¹홍익대학교

Accredited

ABSTRACT

Information system (IS) audit is a unique policy implemented only in Korea. Since 1980's, Korea has launched very active informatization program across country and initiated a large number of IT projects. Korea government was greatly concerned about the success of IT projects, and introduced a mandatory policy of IS audit, in whcih a government funded project with over a certain amount of project money be subject to IS audit. IS audit has been recognized as a helpful activity to government contractors. However, there is a rising concern about utility of IS audit in these days. Typical complains are subjective audit results that cannot be agreed or audit results not helping management decision making. The study focuses on problems of IS audit in Korea, suggests future directions that IS audit gains its utilityagain. Reviewing diverse management and IT related literature, the study attempts to build a scientific foundation of IS audit, which could lead the discipline more useful and sound.

KEYWORDS

Information System Audit, Enterprise Architecture, IT project Management

Citation status

* References for papers published after 2023 are currently being built.

[book] 삼성SDS / 2008 / 감리의 Minimum Requirement / 한국정보사회진흥원

[journal] 신동익 / 2000a / 정보시스템 개발 기성관리에 대한 연구 / 산업기술 10 : 737~751

[confproc] 신동익 / 2000 / 정보시스템감리의 체계적 접근방안 / 한국정보시스템감리 학술대회 : 3~12

[journal] 신동익 / 2003 / 아키텍처 기반의 정보기술 투자관리 / 산업기술 13 : 629~642

[journal] 신동익 / 2003b / 정보시스템 감리 체계 / 정보화정책 10(2) : 3~15

[confproc] 신동익 / 2003 / 정보시스템감리 현황과 발전방안 / 한국정보시스템감리 학술대회 : 3~15

[other] 정보통신부 / 2005 / 정보시스템의 효율적 도입 및 운영등에 관한 법률 :법률 7816호

[book] 한국전산원 / 2000a / 정보시스템 감리방법론 연구 / 한국전산원

[book] 한국전산원 / 2000 / 감리 자동화 방안 연구 / 한국전산원

[web] 한국전산원 / 정보시스템감리 효과에 관한 연구 / http://www.nia.or.kr

[book] 한국전산원 / 2003 / 부실감리 방지를 위한 감리업체 사전/사후평가방안 연구 / 한국전산원

[web] 한국정보사회진흥원 / 정보시스템감리기준 / http://www.nia.or.kr

[web] 한국정보사회진흥원 / 정보시스템감리 실태 및 효과성 조사 결과보고 - 감리발주기관을 대상으로 / http://www.nia.or.kr

[journal] Aurum, A / 2002 / Stateofthe-art: Software inspections after 25years / software Testing Verification and Reliability : 133~154

[book] Bass, L / 2003 / Software Architecture In Practice, 2nd Edition / Addison Wesley

[other] Coallier,F.,R.McKenzie,et al / 1994 / “Trillium - Model for Telecom Product Development & Support Process Capability.”http://riciS.cl.uh.edu/trillium/

[other] Driessnack, J / 2003 / Integrating Risk in Cost Estimates and Earned Value Management.”http://acc.dau.mil/simplify/ev.php? ID=37464_201&ID2=DO_TOPIC

[other] FEAPMO/OMB / 2005 / “ How to Use the Performance Reference Model.”http://www.whitehouse.gov/omb/egov/documents/How_to_PRM.PDF

[book] Finkelstein, C / 2006 / Enterprise Architecture for Integration: Rapid Delivery Methods and Technologies / Artech House

[book] Fleming, Q / 2005 / Earned Value Project Management / Project Management Institute

[other] Gibson, D / 2006 / Performance Results of CMMI-Based Process Improvement.”http://www.sei.cmu.edu

[journal] Henderson, J / 1999 / Strategic alignment: leveraging information technology for transforming organizations / IBM Systems Journal : 472~484

[book] / 1997 / IEEE1028:IEEE Standard for Software Reviews / IEEE

[book] INCOSE / 1998 / Measurement Primer, International Council on Systems Engineering

[confproc] Iranmanesh, H / 2007 / A new formula to “Estimate At Completion”of a Project’s time to improve “Earned Value Management System” / Proceedings of the 2007 IEEE : 1014~1017

[web] ISACA(2000a)."Audit sampling."http://www.isaca.org.(검색일: / Audit sampling / ISACA / http://www. isaca.org.

[web] ISACA(2000b)."IS Auditing Guideline:Use of Risk Assessment in Audit Planning."http://www.isaca.org/ContentManagement/ContentDisplay.cfm?ContentID=18556.(검색일: / IS Auditing Guideline: Use of Risk Assessment in Audit Planning / ISACA / http://www.isaca.org/ContentManagement/ContentDisplay.cfm?ContentID=18556.

[web] ISACA / Use of risk assessment in audit planning / ISACA / http://www.isaca.org.

[web] ISACA(2008a)."All ISACA IS Standards,Guidelines and Procedures for Auditing and Control Professionals."http://www.isaca.org/AMTemplate.cfm?Section=Stand ards2&Template=/ContentManagement/ContentDisplay.cfm&ContentID=40571.(검색일: / All ISACA IS Standards, Guidelines and Procedures for Auditing and Control Professionals / ISACA / http://www.isaca.org/AMTemplate.cfm?Section=Stand ards2&Template=/ContentManagement/ContentDisplay.cfm&ContentID=40571

[web] ISACA(2008b)."Materiality concepts for auditing information systems."http://www.isaca.org.(검색일: / Materiality concepts for auditing information systems / ISACA / http://www.isaca.org.

[other] / 2008 / ISO/IEC12207:Systems and Software Engineering-Software Lifecycle Processes / "

[other] / 2004 / ISO/IEC15504:SPICE (Software Process Improvement and Capability Determination)

[book] IT Governance Institute / 2007 / COBIT(Control Objectives for Information Technology) 4.1 / ITGI

[web] ITIL / IT Infrastructure Library / ITIL / ITIL / http://www.itil-officialsite.com/home/ home.asp.

[book] Kaplan, R. S / 1996 / The Balanced Scorecard: Translating Strategy into Action / Harvard Business School Press

[book] Kaplan, R. S / 2004 / Strategy Maps: Converting Intangible Assets into Tangible Outcomes / Harvard Business School Press

[confproc] Kitterman,B.A / 2005 / A structured method for generating, evaluating and using metrics / INCOSE Coference Proceedings

[book] Kossiakoff, A / 2002 / Systems Engineering Principles and Practice / Wiley-Interscience

[book] LG-CNS / 2008 / 감리의 Minimum Requirement (Unpublished Manuscript) / 한국정보사회진흥원

[thesis] Mahidhar,V / 2005 / Designing the Lean Enterprise Performance Measurement System / 석사 / MIT

[confproc] Mayrand, J / 1996 / System Acquisition Based on Software Product Assessment / International Conference of Software Engineering : 210~210

[other] Park, R. E / 1996 / “Goal-Driven Software Measurement -A Guidebook.”http://www.sei.cmu.edu/pub/documents/96.reports/pdf/hb002.96.pdf

[journal] Ruskin,A.M / 1995 / Measuring Project Performance: Acceptably Samll Inck- Pebbles / Engineering Management Journal 7(3)

[journal] Ruskin,A.M / 2004 / Two Issues Concerning the Use of Earned Value Measurements / Engineering Management Journal 16(3) : 26~30

[book] Scampi Upgrade Team / 2006 / Standard CMMI.. Appraisal Method for Process Improvement (SCAMPISM) A, Version 1.2: Method Definition Document / CMU/SEI

[book] SK C&C / 2008 / 감리의 Minimum Requirement (Unpublished Manuscript) / 한국정보사회진흥원

[book] Smith,R.F / 2006 / Business process management and the balanced scorecard: Using processes as strategic drivers / John Wiley & Sons

[web] Standish Group / Welcome to The Standish Group International, Inc / Standish Group / Standish Group / http://www.standish.com.

[book] TimeTiger / 2008 / A Practical use of earned value

[web] / Assessment / Wikipedia / http://en.wikipedia.org/wiki/Assessment

[web] Wilkens,T.T / Earned Value / http://www.projectsmart.co.uk/docs/earnedvalue.pdf.

[journal] Yau, C / 1993 / Using Analytic Hierarchy Process to prioritize auditing tasks for large-scale Software Systems / Journal of Systems Management 44(11) : 26~31

[journal] Zachman,J.A / 1987 / A Framework for Information Systems Architecture / IBM Systems Journal 26(3) : 276~

KJCKorea
Journal Central

Informatization Policy 2023 KCI Impact Factor : 4.08