In today's economic turmoil, the pay-per-use pricing model of cloud computing, its flexibility and scalability and the potential for better security and availability levels are alluring to both SMEs and large enterprises. However, cloud computing is fraught with security risks which need to be carefully evaluated before any engagement in this area. This article elaborates on the most important risks inherent to the cloud such as information security, regulatory compliance, data location, investigative support, provider lock-in and disaster recovery. We focus on risk and control analysis in relation to a sample of Swiss companies with regard to their prospective adoption of public cloud services. We observe a sufficient degree of risk awareness with a focus on those risks that are relevant to the IT function to be migrated to the cloud. Moreover, the recommendations as to the adoption of cloud services depend on the company's size with larger and more technologically advanced companies being better prepared for the cloud. As an exploratory first step, the results of this study would allow us to design and implement broader research into cloud computing risk management in Switzerland.
This study helps to shed light on the cost-utility of various interventions, and may support decision making, among other criteria, for future pandemics. Nonetheless, one should consider these results carefully, considering these may not apply to a specific crisis or country, and a dedicated cost-effectiveness assessment should be conducted at the time.
Purpose-This paper aims to investigate management auditing, a thorough examination of an organization and the management in place, through an empirical research to gather data about how management audits are perceived and implemented among Geneva's (Switzerland) business community. The board of directors is in charge of a corporation's overall supervision. The internal auditing function works under the aegis of the board to ensure that the directors will properly execute their responsibilities as de ned by corporate governance rules. Management auditing could thus be used to improve corporation performance. However, management audits are not commonly used or referred to as a tool to address corporate governance. Findings enable the authors to both explain why management audits are not commonly used or referred to as a tool to address corporate governance and generate related research hypotheses. Design/methodology/approach-In this paper, the authors rely on an ethnographic study aimed at exploring perceptions of management audits in service companies from the Geneva region. This study is based on transcripts from 85 semi-directed interviews, conducted over a three-year period, of professionals with managerial and auditing backgrounds. The economic context during these three years was consistently characterized by the Swiss and international nancial crises, ensuring that the ndings remain comparable over this time period. Findings-This paper identi ed three main factors that in uence the integration of management audits into corporate practices: the degree of acceptance of the tools and requirements of management audits, the national culture and values embodied in the practice and the degree of corporate governance maturity. This paper presents the ndings in the form of hypotheses that can be tested on any adoption of good corporate governance practices-not on management audits alone. Research limitations/implications-Notwithstanding the limitations due to its nature and extent, this study's main limitation is its lack of validation of the hypotheses. In further research, the authors intend to use a quantitative survey to validate the research hypotheses and make statistical inferences. Originality/value-This paper contributes to the literature because it is, to the authors' knowledge, the rst study to empirically examine the signi cant link between management audits and corporate governance. The ndings could be interesting for an international audience because they indicate possible action points that boards of directors can leverage to carry out management audits. The ndings also bridge a gap between the literature on management audits and the expanding role of the internal audit function. This study also examines the way companies-in the The authors are thankful for the valuable suggestions made by Florian Dupuy in this version of this paper.
No abstract
Purpose Blockchain is expected to impact reporting and auditing processes. Indeed, the increasing use of blockchain could affect the nature and extent of information available to auditors and how audits are performed. This paper aims to investigate how auditors are assessing the relevance of the current auditing standards in light of the emergent use of blockchain technology. Design/methodology/approach Based on qualitative content analysis, this paper analyzed semi-structured interviews with auditors to understand their shared perception of how the current auditing standards address blockchain’s emergence. Findings The findings reveal a growing demand for information technology (IT) auditing standards, as well as a mismatch in timing between the quickly changing IT environment and the regulators’ slowness in releasing new standards or updating standards. Research limitations/implications The findings reflect the external auditors’ points of view and cannot be generalized to all countries, but future studies should address the development of specific IT-related auditing standards to better fit the fast-evolving technology environment in ways that consider the other stakeholders’ points of view, including those of the standard setters. Practical implications The results of this study show that auditors consider the current auditing standards for IT to be too vague, and they need more guidance on both auditing blockchain and using technologies as audit tools. Originality/value The original contribution of this study lies in the in-depth understanding it provides of the adequacy of the current auditing standards to audit companies using blockchain, which is an under-researched topic.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.