CAJ | 학술논문

本文在分析国外IT目标、IT过程和IT资源的信息系统过程控制审计框架基础上，依据系统控制理论关于执行、反馈和控制的结构性原理，分析信息系统承栽业务的业务逻辑、业务流程、业务信息、业务处理、业务性能和业务部署等要素对信息系统各组成部分的影响。结合我国信息系统审计实践，研究并提出了依据信息系统审计目标，确定信息系统审计控制结构和控制点，检查和评价各类信息资源的完整性和控制有效性的信息系统结构控制审计三维框架，以及以管理控制为统领、应用控制为核心、网络控制为基础、安全控制为保障的四维结构控制及其审计重点，试图在过程控制审计框架基础上扩展构建结构控制审计框架，从而形成较为完整的信息系统控制审计框架。
본문재분석국외IT목표、IT과정화IT자원적신식계통과정공제심계광가기출상，의거계통공제이론관우집행、반궤화공제적결구성원리，분석신식계통승재업무적업무라집、업무류정、업무신식、업무처리、업무성능화업무부서등요소대신식계통각조성부분적영향。결합아국신식계통심계실천，연구병제출료의거신식계통심계목표，학정신식계통심계공제결구화공제점，검사화평개각류신식자원적완정성화공제유효성적신식계통결구공제심계삼유광가，이급이관리공제위통령、응용공제위핵심、망락공제위기출、안전공제위보장적사유결구공제급기심계중점，시도재과정공제심계광가기출상확전구건결구공제심계광가，종이형성교위완정적신식계통공제심계광가。
According to system control theory＇s structure principle of execution, response and control , this paper analyses factors which influence information system components, such as business logic , business process, business information, business processing, service performance and service deployment beared by information system, based on a serious analysis of IT target, IT process and IT resource of foreign audit framework on information system process control. By combining domestic practice of information system audit , the paper based on audit target of in- formation system, provides a three-dimensional audit framework of information system structure control by ensuring structure and point of information system audit control, inspecting and evaluating integrity of information resource and control effectiveness. Also, it furnishs a four-dimensional structure control and its auditing emphasis with man- agement control as the coordination, application control at the core, network control as the basis and, security control as safeguards. Finally, on the foundation of audit framework of process control , the paper attempts to expand and establish structure control audit framework, thereby forming a better complete audit framework of information system control.