摘要:In this paper, we developed an operational audit checklist with regard to personal information protection for information systems in public organizations. We derived the checklist from subcontractor relationships based on Korea Personal Information Protection Act, as well as from comparison and analysis of the current checklist for information system operational audit with the checklist for Korean personal information protection certifications such as PIMS and PIPL. By interviewing information system auditors and professionals in personal information protection area, we validated suitability of our checklist.
关键词:Information System Audit; Personal Information Protection Law; Operational Audit Checklist;PIMS; PIPL
