Characteristics of cybersecurity and IT involvement by the IA activity

IF 6 3区管理学 Q2 BUSINESS

International Journal of Accounting Information Systems Pub Date : 2025-01-22 DOI:10.1016/j.accinf.2025.100726

Christopher Calvin , Marc Eulerich , Matthew Holt

引用次数: 0

Abstract

We provide the first, large scale, global study on the characteristics associated with an internal audit function’s involvement in IT and cybersecurity assurance. Using a unique dataset of 1,142 survey responses, we identify internal audit development (i.e., level of maturity) and two characteristics of internal audit knowledge availability (CAE IT certification and external sourcing) as being positively associated with the performance of IT assurance, cybersecurity assurance, or both. Our findings are informative to academia, laying the groundwork for further exploration of internal audit’s engagement in IT and cybersecurity assurance. They are also informative to practice, as they provide insight to standard setters, practitioners, management, and governance bodies about characteristics that can enhance internal audit’s ability to provide IT and cybersecurity assurance.

查看原文本刊更多论文

内部审查活动涉及的网络安全和IT的特征

我们首次对内部审计部门参与IT和网络安全保障的相关特征进行了大规模的全球研究。使用1142个调查回复的独特数据集，我们确定内部审计发展（即成熟度水平）和内部审计知识可用性的两个特征（CAE IT认证和外部采购）与IT保证、网络安全保证或两者的绩效正相关。我们的研究结果对学术界具有借鉴意义，为进一步探讨内部审计在信息技术和网络安全保障中的作用奠定了基础。它们也为实践提供了信息，因为它们为标准制定者、从业者、管理层和治理机构提供了关于可以增强内部审计提供IT和网络安全保证的能力的特征的见解。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Accounting Information Systems Multiple-

CiteScore

9.00

自引率

6.50%

发文量

期刊介绍： The International Journal of Accounting Information Systems will publish thoughtful, well developed articles that examine the rapidly evolving relationship between accounting and information technology. Articles may range from empirical to analytical, from practice-based to the development of new techniques, but must be related to problems facing the integration of accounting and information technology. The journal will address (but will not limit itself to) the following specific issues: control and auditability of information systems; management of information technology; artificial intelligence research in accounting; development issues in accounting and information systems; human factors issues related to information technology; development of theories related to information technology; methodological issues in information technology research; information systems validation; human–computer interaction research in accounting information systems. The journal welcomes and encourages articles from both practitioners and academicians.