Information Fusion in Continuous Assurance

Perols, Johan; Murthy, Uday S.

doi:10.2308/isys-50216

Cited by 31 publications

(14 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Evaluation requires a translation from the operational level to the business, or value object level, as in [30]. In a Service Oriented perspective, the focal value object is the business service that uses resources to add value to other resources.…”

Section: Aspectmentioning

confidence: 99%

Smart Auditing -- Innovating Compliance Checking in Customs Control

Bukhsh

Weigand

2013

2013 IEEE 15th Conference on Business Informatics

View full text Add to dashboard Cite

While risk regulations and compliance requirements grow, the capacity of governmental controls only shrinks in many countries. Automation provides a partial solution to this problem, but more is expected from new modes of supervision. The reliability of the provided data becomes essential then. Reliability can be supported by auditing services. At the same time, the advent of Smart Computing creates new requirements on auditing as well as new opportunities. Technology (smart sensors and intelligent data analysis) can support both accounting information system and audit services. To address these developments, this paper discusses the related concepts of Smart Auditing. An initial evaluation has been performed in the domain of customs control as well.

show abstract

Section: Aspectmentioning

confidence: 99%

Smart Auditing -- Innovating Compliance Checking in Customs Control

Bukhsh

Weigand

2013

2013 IEEE 15th Conference on Business Informatics

View full text Add to dashboard Cite

show abstract

“…To enable a permanent communication, [15] developed a continuous auditing model, which effectively connects the auditor's systems to the auditee's systems, by using XML and CORBA. Similar auditing architectures include independent monitoring and control layers for continuously querying and analyzing auditing objects [3,42,52,53]. Additionally, different kinds of middleware and standard interfaces [49] as well as independent auditing web services [39] are suggested to be integrated in continuous auditing systems, allowing cloud service customers to continuously review and validate the adherence with selected certification criteria.…”

Section: System Architecturementioning

confidence: 99%

“…For example, [30] analyzed the OVAL (Open Vulnerability and Assessment Language) and the XCCDF (Extensible Configuration Checklist Description Format) to enable (semi-) automated IT controls checks, patch and configuration management validation, and vulnerability assessments. The provided tools, processes, and capabilities may differ based upon the extent, kind, and objectives of the used auditing system [15,42,52,53].…”

Section: System Architecturementioning

confidence: 99%

See 1 more Smart Citation

What is Really Going On at Your Cloud Service Provider? Creating Trustworthy Certifications by Continuous Auditing

Lins

Thiebes

Schneider

et al. 2015

2015 48th Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

Cloud service certifications attempt to assure a high level of security and compliance. However, considering that cloud services are part of an everchanging environment, multi-year validity periods may put in doubt the reliability of such certifications. We argue that continuous auditing of selected certification criteria is required to assure continuously reliable and secure cloud services and thereby increase the trustworthiness of certifications. Continuous auditing of cloud services is still in its infancy, thus, we performed a systematic literature review to identify automated auditing methods that are applicable in the context of cloud computing. Our study yields a set of automated methods for continuous auditing in six clusters. We discuss the identified methods in terms of their applicability to address major concerns about cloud computing and how the methods can aid to continuously audit cloud environments. We thereby provide paths for future research to implement continuous auditing in cloud service contexts.

show abstract

“…The current issue encompasses: one article on organizational effects and new cloud technology (Alali and Yeh 2012); three articles in the emerging continuous audit/continuous monitoring (CA/ CM) paradigms (Perols and Murthy 2012;Gonzalez et al 2012;Borthick 2012); two articles on user reaction to electronic disclosure (Smith et al 2012;Sutton et al 2012); one article on behavioral factors in technological systems (Huerta et al 2012); one article looking at statutory guidance relative to internal controls (Janvrin et al 2012); one article on technology company performance (Bauer et al 2012); and this current editorial, which looks at standards and their relevance (Vasarhelyi 2012). These articles taken together present a portfolio that is representative of extant AIS research and certainly addresses some of the paradigm changes discussed in this editorial.…”

Section: Paths For Ais Researchmentioning

confidence: 99%