Evaluating the Security Controls of CAIS in Developing Countries: The Case of Saudi Arabia

Abu-Musa,

doi:10.4192/1577-8517-v6_2

Cited by 4 publications

(3 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Such organizations need IT more than ever before to improve their performance, to satisfy their customers' needs and to reduce operating costs without compromising service quality. Saudi Arabia has also a dynamic interaction between the traditional culture and modern economic and business realities, which make Saudi Arabia a unique cultural environment in which to implement the current study (Curtiss, 1995;Yavas, 1997;Yavas and Yasin, 1999;Jasimuddin, 2001;Sohail and Al-Abdali, 2005;Abu-Musa, 2006a).…”

Section: The Objectives Of the Researchmentioning

confidence: 99%

Information technology and its implications for internal auditing

Abu‐Musa

2008

Managerial Auditing Journal

View full text Add to dashboard Cite

Purpose -The purpose of this paper is to investigate empirically the impact of emerging information technology (IT) on internal auditors' (IA) activities, and to examine whether the IT evaluations performed in Saudi organizations vary, based on evaluation objectives and organizational characteristics. Design/methodology/approach -A survey, using a self-administered questionnaire, is used to achieve these objectives. About 700 questionnaires were randomly distributed to a sample of Saudi organizations located in five main Saudi cities. In total, 218 valid and usable questionnairesrepresenting a 30.7 percent response rate -were collected and analyzed using Statistical Package for Social Sciences -SPSS version 15. Findings -The results of the study reveal that IA need to enhance their knowledge and skills of computerized information systems (CIS) for the purpose of planning, directing, supervising and reviewing the work performed. The results of the study are consistent with Hermanson et al. that IA focus primarily on traditional IT risks and controls, such as IT data integrity, privacy and security, asset safeguarding and application processing. Less attention has been directed to system development and acquisition activities. The IA's performance of IT evaluations is associated with several factors including: the audit objectives, industry type, the number of IT audit specialists on the internal audit staff, and the existence of new CIS. Practical implications -From a practical standpoint, managers, IA, IT auditors, and practitioners alike stand to gain from the findings of this study. Originality/value -The findings of this study have important implications for managers and IA, enabling them to better understand and evaluate their computerized accounting systems.

show abstract

Section: The Objectives Of the Researchmentioning

confidence: 99%

Information technology and its implications for internal auditing

Abu‐Musa

2008

Managerial Auditing Journal

View full text Add to dashboard Cite

show abstract

“…IT is a critical factor of success in the organization and provides many opportunities to gain competitive advantages such as operational efficiency, saving money, reduction of human error and is a tool to increase efficiency. Information technology creates new opportunities of business, generating income and costs saving as well (1)(2)(3)(4)(5)(6).…”

Section: Introductionmentioning

confidence: 99%

Principles, Domains and Processes of HIT Governance Frameworks: A Systematic Review

2019

GMJ

View full text Add to dashboard Cite

Introduction: IT governance points out how to manage IT and align the decisions related to IT with processes, resources, and responsibilities within the organization. This study was conducted aimed at a review of studies on the principles, domains, and processes of IT governance framework. Method: This is an applied study that was carried out in the qualitative method of systematic review. The study population consisted of all English articles indexed in scientific databases and electronic journals available. 36 eligible articles from among the articles reviewed entered the study and the data desired were collected through data extraction form and search strategy and analyzed using content analysis. Results: Results showed that among 36 articles, four of the articles dealt with principles, 33 articles with domains, and 24 articles with processes of IT governance frameworks.

show abstract

“…As this need grows, corporations are expected to adopt well-integrated IT systems with other operational controls. These systems face different security risks that may arise from ineffective internal controls or the nature of the competitive environment as the demand for information increases (Abu-Khadra et al, 2012;Abu-Musa, 2006).…”

Section: Introductionmentioning

confidence: 99%

Integrating Internal Control Frameworks for Effective Corporate Information Technology Governance

2018

View full text Add to dashboard Cite

This paper analyzes and proposes how several internal control frameworks can be integrated to achieve effective corporate information technology governance. The fundamental tenet of the current literature in this area is that neither a single framework nor non-integrated multiple frameworks would suffice in achieving effective information technology security and governance. Using the extant literature, a deductive approach, and focusing on three popularized internal control frameworks ERM, COSO, and COBIT5, we propose a framework that can help organizations effectively and efficiently achieve information technology governance through their interaction. An integrated framework is one that links the key control objectives to strategic business objectives and, in doing so, addresses IT governance principles at both a strategic and operational level, whilst aligning IT and business management understanding of the key risk areas that characterize the organization's goals (Goosen and Rudman, 2013). In addition, this fundamental alignment is expected to eliminate unnecessary controls and processes which in turn help improving IT governance. We expect firms seeking to adopt the proper IT governance to utilize the proposed integrated framework.

show abstract

Evaluating the Security Controls of CAIS in Developing Countries: The Case of Saudi Arabia

Cited by 4 publications

References 10 publications

Information technology and its implications for internal auditing

Information technology and its implications for internal auditing

Principles, Domains and Processes of HIT Governance Frameworks: A Systematic Review

Integrating Internal Control Frameworks for Effective Corporate Information Technology Governance

Contact Info

Product

Resources

About