Transversal Policy Conflict Detection

Casalino, Matteo Maria; Plate, Henrik; Trabelsi, Slim

doi:10.1007/978-3-642-28166-2_4

Cited by 1 publication

(1 citation statement)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Providing that the information retrieved from software used by service providers for audit purposes is sufficiently complete, the automation of the key audit processes is a relatively small step. A considerable amount of research was recently published which could take advantage of the proposed software-based approach to information procurement, for instance, regarding the detection of requirement conflicts (Casalino et al, 2012) or the decision whether a specific control is optimal for a given combination of service, IT landscape and set of requirements (Basile et al, 2010). Building on formalized descriptions and predicate logic, van der Aalst et al (2011) present an interesting approach for performing continuous audits.…”

Section: Accessing the Information Held By Service Providersmentioning

confidence: 99%

Auditing service providers: supporting auditors in cross-organizational settings

Bachlechner

Thalmann²,

Manhart³

2014

Managerial Auditing Journal

View full text Add to dashboard Cite

If you would like to write for this, or any other Emerald publication, then please use our Emerald for Authors service information about how to choose which publication to write for and submission guidelines are available for all. Please visit www.emeraldinsight.com/authors for more information. About Emerald www.emeraldinsight.comEmerald is a global publisher linking research and practice to the benefit of society. The company manages a portfolio of more than 290 journals and over 2,350 books and book series volumes, as well as providing an extensive range of online products and additional customer resources and services.Emerald is both COUNTER 4 and TRANSFER compliant. The organization is a partner of the Committee on Publication Ethics (COPE) and also works with Portico and the LOCKSS initiative for digital archive preservation. AbstractPurpose -The purpose of this paper is to shed light on the particular information needs of external auditors performing information technology (IT) audits at service providers in cross-organizational settings and to promote a software-based approach towards their satisfaction. The approach is intended to supplement the manual approaches currently adopted by auditors to procure information in such settings. Design/methodology/approach -The authors analyzed data collected by means of a series of 16 interviews and four think-aloud sessions with experienced professionals. Findings -Information procurement is perceived as tedious by auditors and largely relies on repeat interviews and perusal of documents. Given the growing complexity of cross-organizational settings, manual approaches to information procurement are reaching their limits. A considerable portion of the information required is often stored by service providers using software that is inaccessible to auditors. The authors argue that a software-based approach providing an interface for auditors to access relevant information held by such software presents an avenue worth exploring. Practical implications -The authors outline how the information stored by service providers using software can be made accessible with reasonable effort. Complementing manual approaches to information procurement with an audit interface would reduce workload and increase quality. Originality/value -The concept of an audit interface represents a novel and promising approach to meeting the information needs of auditors performing IT audits in cross-organizational settings more effectively. Both auditors and service providers would benefit from its implementation.

show abstract

Section: Accessing the Information Held By Service Providersmentioning

confidence: 99%