Factors associated with security/cybersecurity audit by internal audit function

Islam, Md. Shariful; Naderi, Farah; Stafford, Thomas F.

doi:10.1108/maj-07-2017-1595

Cited by 55 publications

(36 citation statements)

References 71 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Similarly, why synthesize studies related to cybersecurity in the accounting and auditing field? The number and severity of cyber threats have been unprecedented in recent years, and successful cyber-attacks have been reported regularly (Islam et al, 2018). Moreover, the costs of cyber-attacks are tremendous; therefore, cybersecurity risk management is argued MAJ 34,7 to be extremely important for organizations (Islam et al, 2018).…”

Section: Motivationmentioning

confidence: 99%

“…Similarly, Islam et al (2018) stated that cybersecurity auditing is a relatively new dimension of security practice intended to support the protection of critical information assets. The authors added that an auditing process will seek to obtain evidence of organizational cybersecurity policies and their efficacy for the protection of asset integrity, data confidentiality and data access and availability.…”

Section: Cybersecuritymentioning

confidence: 99%

“…The study points out that managing cybersecurity is increasingly important for companies because of the growing dependence of firms on technology for conducting their business, creating a competitive advantage and MAJ 34,7 achieving success. Islam et al (2018) examined the factors associated with the extent of cybersecurity auditing by the internal audit function (IAF) of the firm. Specifically, they focused on whether the internal audit function, the certified audit executive's characteristics, the board involvement related to governance, the role of the audit committee and the chief risk officer and the IAF tasked with ERM are associated with the extent to which the firm engages in cybersecurity auditing.…”

Section: Cybersecuritymentioning

confidence: 99%

“…No. of citations Amir et al, 2018;Carré et al, 2018;Curtis et al, 2018;Ettredge et al, 2018;Gordon et al, 2018;Gyun No and Vasarhelyi, 2017;Islam et al, 2018;Kahyaoglu and Caliyurt, 2018;Li et al, 2018;Rahimian et al, 2016;Smith et al, 2018;Stafford et al, 2018 12 0-4 Bose and Luo, 2014;Gansler and Lucyshyn, 2005;Gordon et al, 2016;Gordon et al, 2008;Higgs et al, 2016;Steinbart et al, 2018;Steinbart et al, 2016;Steinbart et al, 20138 5-30 Abu-Musa, 2006Gordon et al, 2015a;Gordon et al, 2015b;Hausken, 2007;Kwon et al, 2013;Pathak, 2005;Steinbart et al, 2012;Wallace et al, 2011;Wang et al, 2013 9 30-90 Boritz andNo, 2005;Ettredge and Richardson, 2003;Gordon et al, 2010;Gordon et al, 2003;Gordon and Loeb, 2002;Hausken, 2006;Lainhart, 2000;Li et al, 2012;Tanaka et al, 2005 10 90 ! Table IV.…”

Section: Authorsmentioning

confidence: 99%

See 3 more Smart Citations

Cybersecurity in accounting research

Haapamäki

Sihvonen

2019

MAJ

View full text Add to dashboard Cite

Purpose This paper aims to update the cybersecurity-related accounting literature by synthesizing 39 recent theoretical and empirical studies on the topic. Furthermore, the paper provides a set of categories into which the studies fit. Design/methodology/approach This is a synthesis paper that summarizes the research literature on cybersecurity, introducing knowledge from the extant research and revealing areas requiring further examination. Findings This synthesis identifies a research framework that consists of the following research themes: cybersecurity and information sharing, cybersecurity investments, internal auditing and controls related to cybersecurity, disclosure of cybersecurity activities and security threats and security breaches. Practical implications Academics, practitioners and the public would benefit from a research framework that categorizes the research topics related to cybersecurity in the accounting field. This type of analysis is vital to enhance the understanding of the academic research on cybersecurity and can be used to support the identification of new lines for future research. Originality/value This is the first literature analysis of cybersecurity in the accounting field, and it has significant implications for research and practice by detailing, for example, the benefits of and obstacles to information sharing. This synthesis also highlights the importance of the model for cybersecurity investments. Further, the review emphasizes the role of internal auditing and controls to improve cybersecurity.

show abstract

Section: Motivationmentioning

confidence: 99%

Section: Cybersecuritymentioning

confidence: 99%

Section: Cybersecuritymentioning

confidence: 99%

Section: Authorsmentioning

confidence: 99%

See 2 more Smart Citations

Cybersecurity in accounting research

Haapamäki

Sihvonen

2019

MAJ

View full text Add to dashboard Cite

show abstract

“…Then the research from Guo [3] which began with the failure of IS / IT management by pharmaceutical companies which caused narcotic type drugs to be purchased freely, because this was prevented by using the COBIT and COSO methods. Then another research from Islam [4] is related to information security using CBOK 2015 which aims to prevent the loss of important information and data by an organization.…”

Section: Introductionmentioning

confidence: 99%

Internal Control of Finance Information Systems on ERP Platform (Case Study : PT Petrokopindo Cipta Selaras)

Santoso

Suryani

2021

IJPS

View full text Add to dashboard Cite

Businesses of any scale today cannot be separated from Information Systems and Technology, whether large or small scale requires a reliable information system to support appropriate, effective and efficient decision making for stakeholders. The information system that is currently trending in the business world is an Enterprise Resource Program (ERP) based on cloud computing (Cloud) which can help users run a business anywhere and anytime. In a report released by Delloite entitled: Hot Topics for IT Internal Audit In Financial Services reveals that the current hot issues are Cyber Security, Data Protection and Data Privacy, IT Governance and IT Risk. PT Petrokopindo is a company that has implemented cloud-based ERP. However, the potential for risks such as Cyber Security, Data Protection and Data Privacy from Cloud ERP can occur, which can disrupt the company's business operations. In this research, case studies will be carried out on companies that have implemented Cloud-ERP. The method used is the COBIT 5 Framework, which was chosen as the best and more complete guideline than other frameworks in the IT / IS management field (Sutikno, 2014). The expected result is to be able to identify security gaps and material weaknesses of the Cloud-ERP information system and then provide recommendations for improvements so that IS / IT becomes more reliable. It is hoped that this research can be useful for the development of IS / IT governance science, and as input for stakeholders on the Cloud-ERP platform in increasing the reliability of an IS / IT against the risk of information leakage and cyber attacks.

show abstract

Benefits and Challenges in Information Security Certification – A Systematic Literature Review

Hulshof

Daneva

2021

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Factors associated with security/cybersecurity audit by internal audit function

Cited by 55 publications

References 71 publications

Cybersecurity in accounting research

Cybersecurity in accounting research

Internal Control of Finance Information Systems on ERP Platform (Case Study : PT Petrokopindo Cipta Selaras)

Benefits and Challenges in Information Security Certification – A Systematic Literature Review

Contact Info

Product

Resources

About