KR-102962340-B1 - APPARATUS AND METHOD FOR DEPARTMENT-SPECIFIC CONTROL CHECKLIST GENERATION AND REPORTING BASED ON AI AND RAG

Abstract

The present invention relates to an AI and RAG-based device and method for generating and reporting departmental control checklists. An electronic device according to one embodiment of the present invention includes a memory and a processor connected to the memory, and the processor may be configured to execute the following steps: (a) receiving a request from a user terminal to create a Departmental Controls Functional Checklist (DCFC) for a specific department; (b) based on the received request, loading a checklist template specialized for the department to create a DCFC instance including inspection items defined in the template; (c) performing an automatic status check on the inspection items of the created DCFC instance through an artificial intelligence module and recording the inspection results in the DCFC instance; (d) when the inspection in step (c) is completed, aggregating the inspection results recorded in the DCFC instance to create a final inspection report; and (e) transmitting the created final inspection report to a pre-configured administrator terminal.

Inventors

• 이태권
• 김봉수

Assignees

• (주) 아지랑랑이랑

Dates

Publication Date

20260508

Application Date

20251125

Claims (3)

1. In electronic devices, Memory; and A processor connected to the above memory; including, The above processor is: (a) A step of receiving a request from a user terminal to create a DCFC (Departmental Controls Functional Checklist) for a specific department; (b) a step of creating a DCFC instance that includes inspection items defined in the template by loading a checklist template specialized for the department based on the received request; (c) A step of performing an automatic status check on the inspection items of the generated DCFC instance through an artificial intelligence module and recording the inspection results in the DCFC instance; (d) a step of generating a final inspection report by compiling the inspection results recorded in the DCFC instance when the inspection of step (c) above is completed; and (e) a step of transmitting the generated final inspection report to a pre-configured administrator terminal; configured to execute, The above checklist template is, Through the above artificial intelligence module, predefined operational standards or compliance regulations are analyzed according to the unique business characteristics of the relevant department, and based on the analyzed operational standards or compliance regulations, It is created to include multiple inspection items that the above department must comply with, specific pass criteria for determining pass/fail for each of the above inspection items, and an inspection cycle indicating the frequency for inspecting the corresponding checklist template, and The above artificial intelligence module is, When performing the automatic status check of step (c) above, Identify the department to which the user logged into the user terminal of step (a) belongs, and Verify the above inspection items of the above DCFC instance using the RAG (Retrieval-Augmented Generation) method, Search for evidence data related to the relevant inspection items based solely on the Departmental DB and Common DB corresponding to the identified departments, and The above-mentioned evidence data retrieved is compared with the above-mentioned pass criteria for the corresponding inspection item to derive the above-mentioned inspection result including whether the corresponding inspection item passes or fails (Pass or Fail), and The above processor is, In step (b) above, a risk quantification score for each inspection item included in the template is derived, and Inspection items where the above risk quantification score exceeds the pre-set critical risk score are set as priority audit items, and Temporarily suspend the automatic generation of the above final inspection report for the above key audit items, and Generate manual review request information by aggregating the current inspection results for the relevant key audit items, the pass criteria for the relevant key audit items, and the evidence data retrieved for the relevant key audit items, and Transmit the above manual review request information to the above administrator terminal, and When confirmation information including the administrator's manual review results regarding the aforementioned key audit items is received from the above administrator terminal, the manual review results regarding the relevant key audit items are adopted to proceed with the generation of a final inspection report, and The above risk quantification score is, Derived by the mathematical formula below, S_rq represents the above-mentioned risk quantification score for the corresponding inspection item, F_total represents the cumulative number of failures in the inspection results for the corresponding inspection item derived based on the history of past DCFC instances for the inspection item, N_total represents the cumulative number of inspections for the corresponding inspection item, and F_cons represents the number of consecutive failures retrospectively from the current point in time for the corresponding inspection item. The above processor is, Based on the aforementioned risk quantification scores for inspection items for each department, a quality index for the corresponding department is derived, and When transmitting the final inspection report to the above administrator terminal, the quality index is transmitted together, and Deriving a revised inspection cycle by reflecting the above quality index in the inspection cycle of the relevant department's checklist template, and Reflect the above revision inspection cycle in the corresponding checklist template, and The above quality index is, Derived by the mathematical formula below, The above I_DQ represents the quality index for the relevant department, k represents the total number of inspection items for the relevant department, S_rq,j represents the risk quantification score of the j-th inspection item, and dt_j represents the elapsed time between the current time and the final inspection time of the j-th inspection item, and The above correction inspection cycle is, Derived by the mathematical formula below, An electronic device characterized in that C_next represents the above-mentioned correction inspection cycle for the relevant department, C_base represents the existing inspection cycle for the relevant department, and I_DQ represents the above-mentioned quality index for the relevant department.
2. delete
3. delete

Description

Apparatus and Method for Department-Specific Control Checklist Generation and Reporting Based on AI and RAG The present invention relates to an AI and RAG-based device and method for generating and reporting departmental control checklists. Unless otherwise indicated in this specification, the contents described in this section are not prior art for the claims of this application, and are not to be recognized as prior art simply because they are included in this section. As the size and complexity of businesses increase, the importance of internal control systems to ensure the reliability of financial reporting, operational efficiency, and regulatory compliance is being emphasized more than ever. The internal and external regulatory environment, including K-SOX (Internal Accounting Control System), ISO certification, and the Personal Information Protection Act, is becoming increasingly stringent, placing a growing burden on companies to respond to these changes. Traditional internal control inspection methods rely on a passive and static approach, primarily performed annually or semi-annually by audit teams or external consultants. This method is based on generic checklists created in Excel or Word documents, where personnel manually collect evidence and conduct inspections through interviews. However, this traditional method has several fundamental limitations. First, manual inspection is inefficient and highly prone to errors. The process of manually sampling and reviewing vast amounts of data not only consumes enormous amounts of time and manpower, but also carries a high risk of lack of consistency and inspection errors due to the involvement of the 담당자's (person in charge's) subjective judgment. Second, static checklists fail to reflect the specific characteristics of each department. Each department possesses its own unique business processes and specialized regulations, such as accounting standards for the finance department, software development standards for the development department (e.g., the e-Government Standard Framework), and compliance with labor laws for the HR department. However, general-purpose checklists cannot thoroughly inspect these key departmental control items. Third, there are issues regarding data access silos and security. Effective inspections require access to data from various systems, such as ERP, HR systems, and code repositories (e.g., GitHub); however, existing methods make integrated inspections difficult due to the fragmentation of data. Furthermore, granting excessive data access privileges to specific departments (e.g., the audit team) for inspection purposes can lead to a risk of leakage of sensitive information, such as financial or HR data. Fourth, real-time response is impossible due to the long inspection cycle. Inspections conducted annually or quarterly tend to result in a "too little, too late" response, and there are limitations in detecting and preventing operational risks that occur on a daily or weekly basis. Recently, there have been attempts to introduce AI or RAG (Search Augmentation Generative) technologies to address these issues, but they remain at the level of simply searching historical documents to provide Q&A. A systematic automation system is still lacking that proactively generates periodic checklists (DCFC) based on each department's unique operational standards, enables AI to automatically perform inspections by referencing only strictly controlled databases (e.g., common DB, departmental DB) based on user permissions, and reports the results. Therefore, there is an urgent need for new technology that can dramatically improve the level of enterprise-wide internal control by performing periodic, department-specific, and RAG-based automated internal control checks (DCFC) across all departments of an organization, ensuring security by strictly controlling data access rights during this process, and finally providing approved check reports to managers. Other aspects, features, and benefits of specific preferred embodiments of the present invention, as described above, will become more apparent from the following description in conjunction with the accompanying drawings. FIG. 1 is a conceptual diagram of an AI and RAG-based departmental control checklist generation and reporting device according to one embodiment of the present invention. FIG. 2 is a block diagram of an electronic device according to one embodiment of the present invention. FIG. 3 is a diagram showing the creation of a checklist template according to one embodiment of the present invention. FIG. 4 is a drawing showing a database according to one embodiment of the present invention. FIG. 5 is a diagram showing the derivation of key audit items according to one embodiment of the present invention. FIG. 6 is a diagram showing the derivation of a correction inspection cycle according to an embodiment of the present invention. FIG. 7 is a flowchart of a method for generating and repo