KR101813840B1 - System for performing audit task using risk evaluation analysis and method thereof - Google Patents

Abstract

The present invention relates to a system to perform an audit task using a risk evaluation analysis and a method thereof. According to the present invention, the system to perform the audit task using the risk evaluation analysis comprises: a risk management server which performs the risk evaluation analysis for each work area made by grouping pre-determined management indicators, which classify work, thereby calculating a level of risk by indicator, level of risk by work, and comprehensive level of risk as a result of the risk evaluation analysis; an audit administration server which performs the audit task based on the calculated result of the risk evaluation analysis; and a database management system which saves the calculated result of the risk evaluation analysis from the risk management server and a result of the audit performed by the audit administration server. The management indicators are classified into publicized indicators and unpublicized indicators in accordance with whether they are publicized and classified into risk indicators and work indicators in accordance with a property of indicators to be able to be added, modified, or deleted. The present invention is to provide a system to perform an audit task using the risk evaluation analysis and method thereof, which are able to connect the calculated result of risk evaluation analysis to the audit administration.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a system and a method for performing auditing using risk assessment analysis,

The present invention relates to an audit system, and more particularly, to a system and method for performing an audit task using a risk assessment analysis result.

The auditing department of the public agency plays an independent auditing task in accordance with the Public Audit Law, and it plays a role of managing and checking the risk factors for each task and supporting the improvement of the management. In the past, The paradigm of audit is changing with emphasis on consulting function.

In accordance with the Act on Public Audit, public agencies should have their own audit organizations, and the National Health Insurance Corporation, a quasi-governmental organization, also has its own audit organization, the Audit Office. The Audit Office has also built an audit system for the introduction of the 2008 Integrated Management System in order to efficiently perform the audit work. Although there are a variety of functions, but the audit administration system, which lacked the connectivity and scalability, and the nature of the indicators, the work indexes were variously set. However, it is difficult to apply the risk management System.

The complaints about the complaints and the complaints about the operation were continuously raised. In 2012, the web-based audit system was rebuilt and the risk management was constructed on the basis of the regular monitoring of the form of notification call. there was. Since then, the audit system has strengthened its linkage with other DBs in the complex, and tried to provide a rich audit base data to the auditors as much as possible by diversifying the composition of the management indexes in a linkage manner that conforms to DB characteristics.

However, the risk management system based on the continuous monitoring has difficulty in realizing the monitoring at all times due to the problem that the monitoring department should be set except for monitoring the use of the corporate card. Also, the nature of the indicator should be close to the risk index There were many indicators that were below that level.

Japanese Patent Application Laid-Open No. 10-2013-0005940, publication date January 16, 2013

In order to solve the problems of the prior art, the object of the present invention is to provide a system and method for performing a risk assessment analysis for each task domain grouped with predetermined management indicators for classifying tasks, And a method and system for performing an audit task using a risk assessment analysis, in which the result of the risk assessment analysis is calculated and the result of the risk assessment analysis is linked with the audit administration.

It should be understood, however, that the present invention is not limited to the above-described embodiments, and may be variously modified without departing from the spirit and scope of the present invention.

In order to accomplish the object of the present invention, a system for performing an audit task using a risk assessment analysis according to one aspect of the present invention performs a risk assessment analysis for each task domain grouping predetermined management indicators for classifying tasks A risk management server that calculates the level-level risk, the level-by-task level, and the overall level-level risk by the result of the risk assessment analysis; An audit administration server for performing an audit based on the calculated result of the risk assessment; And a DBMS (Data Base Management System) storing a result of performing the audit performed by the audit administration server as a result of the risk assessment analysis calculated from the risk management server, wherein the management indicators are classified into a public index and a private index And can be added, modified or deleted according to the nature of the indicators, separated into risk indicators and business indicators.

In addition, the risk management server provides a level-level risk index for each management domain by risk level, using predetermined weight and threshold, and provides a risk level according to each branch, a risk color per rank, Value can be provided according to the search condition.

In addition, the risk management server may provide a relative risk score for each index by a relative score, and sum the risk level for each department according to the business domain, and then provide the risk level for each department as a level risk for each business.

In addition, the risk management server may compute the score of the task-level risk by a relative score, and integrate the scores evaluated by the task domain to provide the final department-level risk as the overall level risk.

In addition, the risk management server may provide a simulation function for calculating a risk level by arbitrarily setting the risk level adjustment, the weight value, and the threshold value at each level of the indicator, the level of each task, and the overall level.

A method for performing an audit task using a risk assessment analysis according to another aspect of the present invention is a method in which a risk management server performs a risk assessment analysis for each task domain grouped with predetermined management indicators for classifying tasks, , Task-level level of risk, and total level level of risk; Performing an audit task based on the calculated result of the risk assessment analysis; And a DBMS (DataBase Management System) storing a result of performing an audit performed by the audit administration server as a result of a risk assessment analysis calculated from the risk management server, wherein the management indicators are classified into a disclosure index and a non- It is classified into indicators and classified by risk indicators and business indicators according to the characteristics of indicators, and addition, modification and deletion are possible.

In addition, the calculating step provides a level-based risk index of each management domain index by using a predetermined weight and a threshold, and the risk level of each index, the risk color per rank, Value can be provided according to the search condition.

In the calculating step, the level risk according to each index may be ranked relative to each other, and the risk level for each department may be provided as a level-by-task risk level.

Also, in the calculating step, the score of the task-level risk may be compared with the score of the final score of the task area to provide the final department-level risk as the overall level risk.

In addition, the calculating step may provide a simulation function of calculating a risk level by arbitrarily setting a risk level adjustment, the weight value, and the threshold value at each level of an indicator, a job level, and an overall level.

As described above, according to the present invention, the risk assessment analysis is performed for each business domain grouping predetermined management indicators that classify tasks, thereby calculating the level level risk, the level level risk, and the overall level risk level for each index as a result of the risk assessment analysis, By linking the analysis results with the audit administration, systematic and efficient audit work can be carried out.

In addition, the present invention can effectively and efficiently prevent and manage risks by monitoring risks of vast work such as insurance premiums, collection, salary, examination, long-term care insurance for the aged.

In addition, the present invention can show an image of an open auditor who sympathizes with a closed and rigid image of appreciation by sharing the set management indicator with the department in charge of monitoring, and can spread the atmosphere of autonomous correction as a whole.

In addition, the present invention can maximize the effect of auditing as well as preventive function through autonomous correction if the management index can be understood and strategically utilized. Also, without managing the continuous post management by risky indicator management You can do it easily. This will ultimately be a systemic basis for the responsible department to implement responsible measures and seek to find the cause of the problem.

In addition, the present invention minimizes the work load of not only the auditing task but also the work of the supervisory department by notifying the high-risk department of the risk level by the risk management by the risk class classification, and by reducing the risk level of the work gradually, Can be realized.

In addition, the present invention can manage overlapping dispositions by effectively managing the cases where the computerized implementations can be implemented as risk indices, and can recognize the risk level in advance by confirming the risk index, So that the cause of the problem can be more easily approached. This will reduce the number of cases and improve the quality of audit results.

Also, the present invention can improve the understanding of the business and the mind of the computer through the process of identifying and setting the management index with high risk per task, and it can improve the mind of the business based on the improved audit ability through the process of the formal or informal data analysis High audits can be performed.

In addition, the present invention can be carried out by applying risk-based audit to the whole process of the audit in connection with the result of the risk assessment analysis and the audit administration system, and it can support the systematicity of the audit performance as well as enterprise risk management.

However, the effects of the present invention are not limited to the above effects, and may be variously extended without departing from the spirit and scope of the present invention.

1 is a diagram for explaining functions of an auditing system according to an embodiment of the present invention.
2 illustrates a system for performing an audit trail according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating a level-level-risk-level-by-index screen according to an embodiment of the present invention.
FIG. 4 is a diagram illustrating a level simulation screen for each indicator according to an embodiment of the present invention.
5 is a diagram illustrating a weight and threshold setting screen according to an embodiment of the present invention.
6 is a view showing a data confirmation and download screen according to an embodiment of the present invention.
FIG. 7 is a diagram showing a layout management screen for each index according to an embodiment of the present invention.
FIG. 8 is a diagram illustrating a screen for comparing charts according to an embodiment of the present invention.
9 is a diagram showing a notification function screen according to an embodiment of the present invention.
FIG. 10 is a diagram illustrating a screen for displaying a level-by-task risk according to an embodiment of the present invention.
FIG. 11 is a view showing a classification screen according to an embodiment of the present invention.
FIG. 12 is a view showing a level-by-task simulation screen according to an embodiment of the present invention.
FIG. 13 is a view showing a comprehensive level risk inquiry screen according to an embodiment of the present invention.
FIG. 14 is a diagram showing a professional field management screen according to an embodiment of the present invention.
15 is a view showing an audit schedule management screen according to an embodiment of the present invention.
16 is a diagram illustrating an auditor assignment structure according to an embodiment of the present invention.
FIG. 17 is a diagram showing a general status inquiry screen according to an embodiment of the present invention. FIG.
18 is a view showing an audit data registration screen according to an embodiment of the present invention.
FIG. 19 is a view showing a smart builder query registration screen according to an embodiment of the present invention.
20 is a diagram for explaining the structure and function of the risk management system.
21 is a diagram for explaining a linkage structure between the risk management system and the audit administration system.

The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which such claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT (S) The following describes a system and method for performing an audit task using a risk assessment analysis in accordance with an exemplary embodiment of the present invention with reference to the accompanying drawings. In particular, in the present invention, a risk assessment analysis is performed for each business domain grouping predetermined management indicators that classify tasks, thereby calculating level-level risk, level-level risk and overall level-level risk by the result of risk assessment analysis, We propose a new method to link evaluation analysis results with audit performance.

1 is a diagram for explaining functions of an auditing system according to an embodiment of the present invention.

Referring to FIG. 1, a risk assessment analysis can be performed, and the result of the risk assessment analysis performed can be linked to the field of expertise and schedule of the auditor in the audit administration, thereby performing differentiated audit work based on the risk.

The implementation of the e-audit function in conjunction with the risk-based audit using the risk assessment analysis can be regarded as an optimal system that enables the audit function to be performed efficiently and effectively. The risk assessment analysis system itself is pre- , Designing and presenting the results of an Excel program, and analyzing the Excel program and implementing it as an information system.

In addition, the risk management system has been systematically improved by analyzing the data extraction analysis, notification call, and risk assessment, while building the risk assessment and analysis system, and the result is the basis for the ability to analyze the data of the auditor.

Furthermore, by operating both the audit administration system and the risk management system, the results of the risk assessment analysis can be linked to the audit administration system, thereby developing the system as an e-audit system that is distinct from other public agencies.

2 illustrates a system for performing an audit trail according to an embodiment of the present invention.

2, a system for performing an audit task using a risk assessment analysis according to an exemplary embodiment of the present invention includes a user terminal 110, a risk management server 120, an audit administration server 130, and a DBMS (DataBase Management System) 140.

The user terminal 110 can perform risk management and audit administration in conjunction with the risk management server and the audit administration server through wired communication or wireless communication. Such a user terminal 110 can be used by users related to risk management and audit administration, such as an auditor / executive, an auditor, an administrator, a business person, an operation applicant, and the like.

Here, the user terminal 110 may be a terminal capable of wired communication and wireless communication, and may include, for example, a smart phone, a tablet PC, a notebook, and a desktop PC.

The risk management server 120 divides the work of the National Health Insurance into three stages (large, medium and small) according to each business and sector, but sets management indicators (a risk index, a work index / a public index, and a private index) (Subclass), that is, the overall level of risk, that is, the level of risk according to each indicator, is calculated again by the task (subclass) It can be calculated as the result of evaluation analysis.

In this case, the management indicator is an indicator for classifying the business, and it can be classified into the open index and the non-disclosure index depending on the disclosure, and classified into the risk index and the business index according to the characteristics of the index.

In addition, the risk may be an index indicating the state of business processing for each management indicator.

In addition, the level of risk according to the indicators shows the management index unit for each business domain as a risk by using predetermined weight and threshold values, and the level level risk for each task is calculated by relative score for each level, And the total level of risk shows the risk level by the final department by compiling the final score of each business area by relative scoring by the level of work level risk.

The risk management server 120 can provide a simulation function for calculating the risk by arbitrarily setting the user's risk level, the weight value, and the threshold value at the level of each indicator, the level of each job, and the overall level.

The audit administration server 130 can perform various audit tasks based on the risk assessment analysis result calculated from the risk management server 120 in conjunction with the risk management server 120. [

The DBMS 140 can store the audit execution result obtained from the audit administration server 130 as a result of the risk assessment analysis calculated from the risk management server 120 in cooperation with the risk management server 120 and the audit administration server 130 have. Here, the DMBS manages the database and can provide an environment in which applications of the risk management server and the audit administration server can share and use the database.

As such, the present invention requires a systematic and efficient risk management system that can divide the whole business of the industrial complex into business domains, measure the risk level of each business domain, reflect on the audit plan, and affect audit performance.

First, it is necessary to decide how to divide the work of the corporation by region in order to establish the risk of each area of the National Health Insurance. In this regard, we have considered the business classification of the corporation, the ordering, and the division of office work in comprehensive audits. As a result, we classified them into institution management, qualification management, premium payment, insurance premium collection, health management, payroll management, It is also necessary to have a function to reclassify.

The method of measuring and showing the risk by classified business area is as follows. That is, the risk level is defined as step by step. The lowest level (level of each indicator) is the risk level for each management area, and the upper level (job level) At the top level (comprehensive level), you can check the risk of a departmental unit that is integrated with the risk by business area.

In addition, the risk screen of each stage is divided into 178 branches, so that the relative risk can be easily compared with each other. Especially, the risk per each management index is represented by 2-year annual risk On the left side, the risk per year and the overall risk for two years can be displayed.

It is possible to analyze the risk trends through the non-disclosure indicators while it is possible to disclose them according to the management indicators and disclose them to the monitoring department according to the indicators. However, sensitive indicators can be used only by the audit department, It can be a basis for conducting differentiated audits by strategically approaching them according to their business characteristics.

Of course, if the system of the present invention is understood in detail and the characteristics of the indicators are fully understood and various core indicators can be set, the degree of risk can be more clearly identified, and efficient and efficient audits can be performed.

FIG. 3 is a view showing a level risk level screen for each indicator according to an embodiment of the present invention, and FIG. 4 is a view showing a level simulation screen for each indicator according to an embodiment of the present invention.

Referring to FIGS. 3 to 4, the risk level of each management index can be searched by condition as well as the simulation function (common to both the job level and the overall level). In addition to the risk ranking by branch office, The proposed method is designed to satisfy the user 's convenience and various requirements by showing the extraction value based on the search condition.

The three-level level of risk proposed in the present invention will be described in detail.

1. Level of risk by indicator

1.1. Classification of risk and score calculation

Monthly extraction values for two years are ranked in order of risk, and rankings and monthly weights can be assigned to indicate the annual risk and total risk of the relevant indicators. In order to maximize the difference in risk level, the score for each risk level can be added.

The weightings of the rankings are different even within the same rank, and the monthly weights mean that the more recent the rank is, the higher the risk level is. The gap between risk grades is increased by giving a different score (for example, by 10 points) for each risk grade, which means that the department with a high risk even if the monthly risk is jagged rather than the department with the average level of risk, It is a measure for higher evaluation.

The threshold value is to exclude a threshold value when a risk score is given in the case where there is inevitably data to be extracted, especially in the case of a risk index, among the management indexes. In other words, assuming that most departments inevitably extract about 3 data from a certain management index, they are given a threshold value of 3 to 4 so as to assign a risk level and score when more data are extracted.

Therefore, there may be no extraction value within the same safety level, or there may be a value below the threshold value. The extraction value exceeds the threshold value, but there are three kinds of safety level belonging to the classification level.

5 is a diagram illustrating a weight and threshold setting screen according to an embodiment of the present invention.

Referring to FIG. 5, these weights and thresholds can be set by the user in the management indicator to maximize the risk level difference, and can be changed as needed.

1.2. Data Support Function

6 is a view showing a data confirmation and download screen according to an embodiment of the present invention.

Referring to FIG. 6, in addition to showing the risk rank and the extracted value in the risk indexes according to the management indexes, the extracted data can be downloaded when the corresponding portions are double-clicked. Through this function, not only can you know the risk trend of the relevant business due to the risk according to the management index, but also it can be used as an audit certificate table or audit support data. If shared with the monitoring department, .

1.3. Data display

Data by management index are largely ratio and value, which is related to the nature of indicator. The reason for distinguishing between the ratios and the values is that it is necessary to understand the indicators well. The reason why the former distinguishes between the former and the latter is that it is better to compare the risk level of the department effective.

The closer the risk indicator is to the value, the greater the number of data. If the extracted data is enough to be immediately available for auditing, showing the value rather than the ratio can better recognize the risk.

FIG. 7 is a diagram showing a layout management screen for each index according to an embodiment of the present invention.

Referring to FIG. 7, the data of each index is automatically executed in a batch form. Unlike the simple aggregation of data, the ratio shows the ratio of the denominator to the denominator, even though the data corresponding to the numerator are the same. The layout by indicator can manage its execution cycle.

1.4. Compare and share risk charts

FIG. 8 is a diagram illustrating a chart for comparing charts according to an embodiment of the present invention, and FIG. 9 is a diagram illustrating a notification function screen according to an embodiment of the present invention.

Referring to FIG. 8, two or more branch offices can be selected from the risk indexes according to the management indexes, and the monthly trends can be easily compared with charts. In addition, if the level of risk reaches a certain level, the department can be notified of the current situation and can be induced to be managed autonomously.

Referring to FIG. 9, the notification function can be utilized when the corresponding management index can be shared with the affected department. When the risk level of the management index falls below the threshold by the threshold setting, the necessity of management will be weakened, To non-public indicators.

2. Level-by-task level risk

2.1. Screen Layout

FIG. 10 is a diagram illustrating a screen for displaying a level-by-task risk according to an embodiment of the present invention.

Referring to FIG. 10, the risk level according to the job level is ranked according to the department after calculating the relative score according to the management indexes, and summing them according to the job domain. For example, in the case of payroll management, there are 14 management indicators, showing the left part (overall and three-year annual risk) at the level of each indicator in order from right to left. Here, users can compare departmental risks by business area and easily identify which management indicators are risky for a particular department.

2.2. Classification by grade

FIG. 11 is a view showing a classification screen according to an embodiment of the present invention.

Referring to FIG. 11, clicking on the category classification displayed on the screen allows all the branch offices to be classified according to the classification, so that the user can grasp the branch office having a high risk level at a glance.

2.3. Weighting at the job level

FIG. 12 is a view showing a level-by-task simulation screen according to an embodiment of the present invention.

Referring to FIG. 12, a screen for allowing a user to arbitrarily set a rating adjustment, a weight, and a threshold value at a task-specific level is provided. This function is intended to solve the problem by allowing the user to select a possible controversy with respect to the danger level standard set by the administrator by monitoring by user. In addition to the monthly and rank-based weights at each level of the indicators, weights can also be assigned to the indicators at each job level. As a result, weights are given to the indicators that are more necessary to manage among the risk indicators and risk indicators among the management indicators through the weighting of the indicators themselves, so that they are reflected in the overall portion at the business level. In addition, when the management index is divided into the risk index and the business index, the risk index extracts the problematic data. Therefore, if the number of branches is smaller than that of the business index, It is possible to compensate for the concern that distorted results may arise by changing the weights of the indicators.

3. Comprehensive level risk

3.1. Screen Layout

FIG. 13 is a view showing a comprehensive level risk inquiry screen according to an embodiment of the present invention.

Referring to FIG. 13, the risk score measured at the job level is compared with the score calculated by the job area to show the final risk level according to the final department. This screen also provides functions such as classification, simulation, and downloading of Excel including color.

3.2 Real-time display

In particular, each risk level display screen at each level is designed to provide the data in DW in real time according to the query conditions, so that the function of the simulation can be performed. Depending on the query condition, that is, the type of grade, the type of query, By showing the relative risk in real time, you can check the conditional analysis report instead of the standardized analysis report. Through this, the relative risk can be confirmed only for the entire branch office or the branch office, so that the user can know a more accurate risk trend for the relevant department by using the comparative analysis method.

3.3. Comprehensive level risk utilization and audit administration linkage

As a result of the overall level of risk, it is possible to determine which branch should be audited first, which can be used to select a comprehensive audit branch and increase the number of audit input to high risk branches. In addition, if a comprehensive audit of a specific branch office is performed, it is possible to identify a specific business field in advance, and a strategy of arranging a high-level professional auditor can be established.

To this end, the environment for extracting the resources to be invested in the audit period, such as the field management of the audit administration, the management of the field of specialization, and the schedule management, should be computerized.

FIG. 14 is a diagram illustrating a professional field management screen according to an embodiment of the present invention, and FIG. 15 is a diagram illustrating an audit schedule management screen according to an embodiment of the present invention.

Referring to FIGS. 14 to 15, in the case of the National Health Insurance Corporation, almost all procedures are performed by the audit administration system of the e-audit system, and the special field and the schedule of the auditor are also managed. It can be synergistic in connection with the evaluation and analysis system, and it supports the risk-based audit with the system.

In addition, by downloading the data of high-risk indicators and confirming them in the preliminary audit period, it is possible to reduce the burden on the audit at the time of audit. As a result, there is a possibility that the plan audit method focusing on high- Based audits as well as system audits.

According to the comprehensive level risk, the audit rank is determined according to the branch office. When the monthly and weekly auditing plan is made considering the situation of the branch office, there are usually four branch offices per week. In this case, the priority is given to each branch according to the total level of risk of the four branch offices, and the auditor is assigned to the branch office that has priority, but three or five auditor candidates are displayed according to the risk of each branch.

16 is a diagram illustrating an auditor assignment structure according to an embodiment of the present invention.

Referring to FIG. 16, as a result of first assigning an auditor to a job area with a high risk level in a branch having a high risk level, the auditor may be assigned to the other side according to the risk level and the order of assignment, For example, in the case of Kim's audit above, it can be assigned to premium collection, which is ranked first but second. In addition, the auditors assigned above can be excluded from the bottom line to prevent duplicate auditor assignments.

3.4. Overview

FIG. 17 is a diagram showing a general status inquiry screen according to an embodiment of the present invention. FIG.

Referring to FIG. 17, in the overall status, it is possible to confirm at a glance what indexes with high risk ranking per job area are, and it is possible to confirm which business areas have high relative risk indexes. This is the basis for providing management improvement support function by showing overall business status and management index as relative risk.

4. Data analysis function to add / change / delete indicator

4.1. Need for data analysis function

The current audit flow is that IT audit is important and it requires the ability to analyze big data data and detect problems. However, there is no staff in the auditing room of the National Health Insurance Corporation because there is no computer work capacity.

In this situation, it may not be possible to analyze the data by installing a DB connection program on your PC. Also, in order to utilize all the data established in the current risk management, a system base should be provided for directly analyzing each DB data and deriving a new point of view. Having the ability to analyze large amounts of data while auditing is an inevitable factor in the aforementioned audit flow.

4.2. Audit data registration and smart builder function

18 is a view showing an audit data registration screen according to an embodiment of the present invention.

Referring to FIG. 18, a large amount of data can be constructed and analyzed by utilizing the audit data registration function. It is possible to analyze the data by accessing the temporary table with DB connection after generating the large amount of secured data as the temporary table and building the data.

Excel, etc., but it may take a long time or it may not be possible to analyze it according to the PC specification or data size.

With this in mind, we have uploaded a large amount of data to the database and built a function to analyze data through the query builder and to add new indexes.

In addition to enhancing the computational mindset, each auditor will develop a comprehensive data analysis capability that allows the individual to freely perform atypical analysis, free from formal analysis by tools such as Excel functions, It will be the base to understand well.

4.3. Add / change / delete indicator

FIG. 19 is a view showing a smart builder query registration screen according to an embodiment of the present invention.

Referring to FIG. 19, the most important point in the risk assessment analysis system is the management index setting, and the management index setting should be added and changed in a timely manner to maximize the effect of the audit through the risk index analysis and quick setting of the risk index . For example, business indices where industrial losses are found can be monitored continuously with the effect of rapid propagation through the establishment of risk indicators. To do this, we have built a system to set the index after query creation, and can add and modify the index.

5. Reorganization of risk management system

As the risk assessment and analysis system was constructed, the monitoring functions in the existing risk management system were newly reorganized and oriented.

As mentioned earlier, existing risk management systems have task-specific scenarios that can be monitored at all times. However, it is difficult to realize monitoring at all times due to the problem of setting up monitoring departments except for corporate card usage history monitoring. The nature of the indicators should also be close to the risk indicator for continuous monitoring, but there are many indicators that are not at that level.

The risk assessment and analysis system analyzes the risk trends by monitoring the management indicators. By differentiating them according to the indicators, the management indicators close to the risk indicators can be downloaded immediately. It can be used as an application.

This has led to the need to refine the existing features of the existing risk management system and to enhance its characteristics. Therefore, in order to enhance the data extraction analysis function, the audit data support function with the usual monitoring function displays not only the data of the unprocessed or confined range extracted from each scenario but the whole processed data, I decided to change it to a function that can be analyzed.

As a result, we extracted the scenario-specific extracted data into big data and implemented the function to access the table of each scenario through Smart Builder and analyze it in DB.

FIG. 20 is a diagram for explaining the structure and function of the risk management system, and FIG. 21 is a diagram for explaining a linkage structure between the risk management system and the audit administration system.

20 to 21, each function of the risk management system can be interchanged, that is, it can be changed at any time to the risk assessment analysis index, or the management index of the risk assessment analysis can be changed to the audit information support scenario at any time And can be developed as an e-audit system that can link the results of the risk assessment analysis with the audit administration system.

The features, structures, effects and the like described in the embodiments are included in one embodiment of the present invention and are not necessarily limited to only one embodiment. Furthermore, the features, structures, effects and the like illustrated in the embodiments can be combined and modified by other persons skilled in the art to which the embodiments belong. Therefore, it should be understood that the present invention is not limited to these combinations and modifications.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is clearly understood that the same is by way of illustration and example only and is not to be taken by way of illustration, It can be seen that various modifications and applications are possible. For example, each component specifically shown in the embodiments can be modified and implemented. It is to be understood that all changes and modifications that come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.

110: User terminal
120: Risk Management Server
130: audit administration server
140: DBMS

Claims (10)

A risk management server that performs a risk assessment analysis for each task domain grouped with predetermined management indicators that classify tasks and calculates level-level risk, task-level risk, and overall-level risk based on the results of the risk assessment analysis;
An audit administration server for performing an audit based on the calculated result of the risk assessment; And
A DBMS (Data Base Management System) for storing a result of the audit performed by the audit administration server as a result of the risk assessment analysis calculated from the risk management server;
The management indicators are classified into open and closed indicators according to whether they are open or not, and they can be added, changed or deleted according to the nature of the indicators,
The risk management server comprises:
Providing a level risk level of each management domain index by risk using the predetermined weight and threshold,
Provide the extraction value that is the basis of the risk ranking by branch office, the risk color by grade, and the risk ranking according to the search condition,
For each level of the above-mentioned level, the monthly extracted value is ranked as risk and the weighted value is given to each rank and the monthly weight is given. If you double-click the relevant part of the screen, you will be able to download the extracted data. You can select two or more branch offices to compare the monthly trends with branch offices. If the risk level reaches a certain level, To the current status,
The level of risk for each indicator is ranked relative to each other, and it is added to each business domain, and then the risk ranking for each department is provided as the level of risk for each business. The business domain includes the operation of the institution, qualification management, insurance premium, insurance premium collection, And,
The risk level for each task is shown in the risk level display screen. The risk level for each task is shown in the risk level screening screen. When calculating the level risk level for each task, the weight is assigned to the management level indicator. Weight,
The risk score for each task is ranked relative to the score for each task,
In relation to the comprehensive level risk, the relative risk is displayed in real time according to the set value of the rating type, inquiry type, feeding type, type, and disclosure as the inquiry condition on the risk inquiry screen,
The risk level adjustment, the weight value, and the threshold value are arbitrarily set by the user at each level of the indicator, the job level, and the comprehensive level to provide a simulation function for calculating the risk level,
The audit administration server determines audit rankings according to the level of risk according to the overall level, creates a monthly and weekly audit plan, assigns priorities to each branch according to the level of risk of each branch, The auditor should be assigned to the auditor, and the auditor should be selected according to the risk of each branch.
A system for performing auditing tasks using risk assessment analysis. delete delete delete delete delete delete delete delete delete

Images