To read this content please select one of the options below:

Protecting a new Achilles heel: the role of auditors within the practice of data protection

Matteo La Torre (Università degli Studi G. d’Annunzio Chieti e Pescara | UNICH, Department of Economics, Italy)
Vida Lucia Botes (Department of Accounting, University of Waikato, Hamilton, New Zealand and Academic Associate Research Fellow, University of South Africa, Pretoria, South Africa)
John Dumay (Department of Accounting and Corporate Governance, Macquarie University, Sydney, Australia)
Elza Odendaal (Department of Auditing, College of Economic and Management Sciences, University of South Africa, Pretoria, South Africa)

Managerial Auditing Journal

ISSN: 0268-6902

Article publication date: 18 September 2019

Issue publication date: 12 May 2021

1720

Abstract

Purpose

Privacy concerns and data security are changing the risks for businesses and organisations. This indicates that the accountability of all governance participants changes. This paper aims to investigate the role of external auditors within data protection practices and how their role is evolving due to the current digital ecosystem.

Design/methodology/approach

By surveying the literature, the authors embrace a practice-oriented perspective to explain how data protection practices emerge, exist and occur and examine the auditors’ position within data protection.

Findings

Auditors need to align their tasks to the purpose of data protection practices. Accordingly, in accessing and using data, auditors are required to engage moral judgements and follow ethical principles that go beyond their legal responsibility. Simultaneously, their accountability extends to data protection ends for instilling confidence that security risks are properly managed. Due to the changing technological conditions under, which auditors operate, the traditional auditors’ task of hearing and verifying extend to new phenomena that create risks for businesses. Thus, within data protection practices, auditors have the accountability to keep interested parties informed about data security and privacy risks, continue to transmit signals to users and instill confidence in businesses.

Research limitations/implications

The normative level of the study is a research limitation, which calls for future empirical research on how Big Data and data protection is reshaping accounting and auditing practices.

Practical implications

This paper provides auditing standard setters and practitioners with insights into the redefinitions of auditing practices in the era of Big Data.

Social implications

Recent privacy concerns at Facebook have sent warning signals across the world about the risks posed by in Big Data systems in terms of privacy, to those charged with governance of organisations. Auditors need to understand these privacy issues to better serve their clients.

Originality/value

This paper contributes to triggering discussions and future research on data protection and privacy in accounting and auditing research, which is an emerging, yet unresearched topic.

Keywords

Citation

La Torre, M., Botes, V.L., Dumay, J. and Odendaal, E. (2021), "Protecting a new Achilles heel: the role of auditors within the practice of data protection", Managerial Auditing Journal, Vol. 36 No. 2, pp. 218-239. https://doi.org/10.1108/MAJ-03-2018-1836

Publisher

:

Emerald Publishing Limited

Copyright © 2019, Emerald Publishing Limited

Related articles