Building the evaluation model of the IT general control for CPAs under enterprise risk management

Huang, Shi‐Ming; Hung, Wei-Hsi; Yen, David C.; Chang, I-Cheng; Jiang, Dino

doi:10.1016/j.dss.2010.08.015

Cited by 35 publications

(20 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The use of a panel of experts is very common and suitable for this type of evaluation and validation (Emory and Cooper, 1991;Dhillon and Torkzadeh, 2006;Huang et al, 2011). The criteria used for selecting the experts required a significant interest in the information security domain.…”

Section: Evaluation Of Artifact's Results Against the Organization's mentioning

confidence: 99%

An information security control assessment methodology for organizations' financial information

Otero

2015

International Journal of Accounting Information Systems

View full text Add to dashboard Cite

Section: Evaluation Of Artifact's Results Against the Organization's mentioning

confidence: 99%

An information security control assessment methodology for organizations' financial information

Otero

2015

International Journal of Accounting Information Systems

View full text Add to dashboard Cite

“…By implementing such mechanisms, it has been shown that risks can be proactively managed [47]. Mechanisms like CobiT and Enterprise Risk Management/ERM are some examples that can help organizations to manage their IT-related risks [21]. So, we suggest the following hypothesis:…”

Section: It Risk Managementmentioning

confidence: 93%

“…Several mechanisms can be used to track and monitor the implementation of the IT strategy and IT projects, besides resources and related services of IT. They are SISP, SLA, business cases evaluation and IT chargeback systems, PMBok, CobiT and Internet Portal [1,15,21,33,52]. Based on these findings, we propose the following hypotheses:…”

Section: It Performance Managementmentioning

confidence: 95%

IT Governance Effectiveness and Its Antecedents: An Empirical Examination in Brazilian Firms

Lunardi

Maçada

Becker

2014

2014 47th Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

IT governance has become an important concern for business, receiving great attention from both practitioners and academics. Although some authors have stated that effective IT governance is crucial for any organization to achieve its corporate goals, little academic research is available that empirically supports the assumptions about the factors that determine the effectiveness of IT governance. In this sense, we proposed and examined a theoretical model that explains and predicts IT governance effectiveness, linking its domains and mechanisms. We empirically tested our hypotheses based on survey data gathered from 87 CIOs of large Brazilian companies. The results have implications about how IT governance domains and the adoption of different IT governance mechanisms can affect IT governance effectiveness, bringing implications from theory and practice.

show abstract

“…Tsai, Chou, Lee, Lin, and Hwang (2013) asserts that research is needed to guide internal auditors in the conceptualization of internal controls within an IT context in a logically consistent manner in order to achieve these goals in an IT environment. Huang, Hung, Yen Chang and Jiang (2011) suggests that auditors need to understand the assumptions behind IT controls to reduce risk in the complex IT environment. Lyytinen et al, (2009) suggest that investigators need to probe ERP implementation as a multilevel change process that involves changes in the organizational routines that carry out the organization's functions and conform to the dominant institutional logic.…”

Section: Research Backgroundmentioning

confidence: 99%

Enterprise Resource Planning Systems Introduction and Internal Auditing Legitimacy: An Institutional Analysis

Elbardan

Ali

Ghoneim

2016

Information Systems Management

View full text Add to dashboard Cite

In this paper, the authors examine how the internal audit function (IAF) maintains its legitimacy when enterprise resource planning (ERP) systems are introduced. This work centers on an in-depth case study of a multinational bank and finds that ERP systems impose an institutional logic of control based on interlinked assumptions. These assumptions motivate changes in the practice and structure of the IAF to become an integrated and comprehensive function to maintain its legitimacy.

show abstract

Building the evaluation model of the IT general control for CPAs under enterprise risk management

Cited by 35 publications

References 26 publications

An information security control assessment methodology for organizations' financial information

An information security control assessment methodology for organizations' financial information

IT Governance Effectiveness and Its Antecedents: An Empirical Examination in Brazilian Firms

Enterprise Resource Planning Systems Introduction and Internal Auditing Legitimacy: An Institutional Analysis

Contact Info

Product

Resources

About