Search results

This study aims to examine the ability of big data analytics (BDA) to investigate financial reporting quality (FRQ), identify the knowledge base and conceptual structure of this research field and explore BDA techniques used over time.

This study uses a comprehensive bibliometric analysis approach (performance analysis and science mapping) using software packages, including Biblioshiny and VOSviewer. Multiple analyses are conducted, including authors, sources, keywords, co-citations, thematic evolution and trend topic analysis.

This study reveals that the intellectual structure of using BDA in investigating FRQ encompasses three clusters. These clusters include applying data mining to detect financial reporting fraud (FRF), using machine learning (ML) to examine FRQ and detecting earnings management as a measure of FRQ. Additionally, the results demonstrate that ML and DM algorithms are the most effective techniques for investigating FRQ by providing various prediction and detection models of FRF and EM. Moreover, BDA offers text mining techniques to detect managerial fraud in narrative reports. The findings indicate that artificial intelligence, deep learning and ML are currently trending methods and are expected to continue in the coming years.

To the best of the authors’ knowledge, this study is the first to provide a comprehensive analysis of the current state of the use of BDA in investigating FRQ.

The main objective of the paper is to investigate the existence and adequacy of implemented Computerized Accounting Information Systems (CAIS) security controls to prevent, detect and correct security breaches in Saudi Arabian organizations. This is the first part of a two‐part paper on the subject.

This paper presents and examines the literature review related to CAIS security controls.

Finds that the results of the study will enable managers and practitioners to better secure their CAIS and to champion IT development for the success of their business.

This paper fills a vacuum by conducting research in Saudi Arabia, a developing country, whereas previous research has mainly involved developed countries.

The purpose of this paper is to investigate empirically the impact of emerging information technology (IT) on internal auditors' (IA) activities, and to examine whether the IT evaluations performed in Saudi organizations vary, based on evaluation objectives and organizational characteristics.

A survey, using a self‐administered questionnaire, is used to achieve these objectives. About 700 questionnaires were randomly distributed to a sample of Saudi organizations located in five main Saudi cities. In total, 218 valid and usable questionnaires – representing a 30.7 percent response rate – were collected and analyzed using Statistical Package for Social Sciences – SPSS version 15.

The results of the study reveal that IA need to enhance their knowledge and skills of computerized information systems (CIS) for the purpose of planning, directing, supervising and reviewing the work performed. The results of the study are consistent with Hermanson et al. that IA focus primarily on traditional IT risks and controls, such as IT data integrity, privacy and security, asset safeguarding and application processing. Less attention has been directed to system development and acquisition activities. The IA's performance of IT evaluations is associated with several factors including: the audit objectives, industry type, the number of IT audit specialists on the internal audit staff, and the existence of new CIS.

From a practical standpoint, managers, IA, IT auditors, and practitioners alike stand to gain from the findings of this study.

The findings of this study have important implications for managers and IA, enabling them to better understand and evaluate their computerized accounting systems.

The objective of this paper is to investigate the perceived threats of computerized accounting information systems (CAIS) in Saudi organizations.

An empirical survey using a self‐administered questionnaire has been carried out to achieve this objective. Four hundred questionnaires have been randomly distributed to different types of Saudi organizations and covered seven Saudi cities. Two hundred and eight questionnaires had been collected. After excluding the incomplete and invalid responses, the study ended with 136 valid and usable questionnaires, representing a 34 percent response rate. This response rate is acceptable in this kind of empirical surveys. The collected data has been analyzed using the statistical package for social sciences (SPSS) version 12.

The survey results reveal that almost half of the responded Saudi organizations are suffering financial losses due to internal and external CAIS security breaches. The results also reveal that accidental and intentional entry of bad data; accidental destruction of data by employees; employees' sharing of passwords; introduction of computer viruses to CAIS; suppression and destruction of output; unauthorized document visibility; and directing prints and distributed information to people who are not entitled to receive are the most significant perceived security threats to CAIS in Saudi organizations.

Accordingly, it is recommended to strengthen the security controls over the above weaken security areas and to enhance the awareness of CAIS security issues among Saudi organizations to manage the security risks and to achieve better protection to their CAIS. The results of the study enable managers and practitioners to champion information technology developments for success of their businesses.

This paper aims to examine the existence and adequacy of implemented computerized accounting information system (CAIS) security controls to prevent, detect and correct security breaches in Saudi organization.

The first part of the paper introduces and discusses the literature review concerned with the CAIS security controls. The current paper introduces and discusses the main results of the empirical investigation. An empirical survey using self‐administered questionnaire, was carried out to achieve this purpose. A total of 500 questionnaires were distributed on a random sample of Saudi organizations. Of them, 275 valid, usable questionnaires were collected and analyzed.

The results of the study highlight a number of inadequately implemented CAIS security controls, and some suggestions and recommendations are introduced to strengthen the weak points and to close the loopholes in the present CAIS security controls in Saudi organizations.

From a practical standpoint, mangers, auditors, IT users and practitioners alike stand to gain from the findings of this study.

The results presented in the paper help enable managers, auditors, IT users and practitioners to better understand and secure their CAIS and to champion IT development for the success of their businesses.

Computerized accounting information systems (CAIS) are becoming more readily available to all types and sizes of business. The increased growth in real‐time and online data processing in CAIS has made access to these systems more available and easier for many users. Therefore, implementing adequate security controls over organisations, CAIS and their related facilities has become a necessity. The main objective of this article is to investigate the adequacy security controls implemented in the Egyptian banking industry (EBI) to preserve the confidentiality, integrity and availability of the banks' data and their CAIS through a proposed security controls check‐list. The security controls check‐list of CAIS was developed based on the available literature and the empirical results of previous studies. It includes many security counter‐measures that are empirically tested here for the first time. The entire population of the EBI has been surveyed in this research. The significant differences between the two respondent groups had been investigated. The statistical results revealed that the vast majority of Egyptian banks had adequate CAIS security controls in place. The results also revealed that the heads of computer departments (HoCD) paid relatively more attention to technical problems of CAIS security controls. This study has provided invaluable empirical results regarding inadequacies of implemented CAIS security controls in the EBI. Accordingly some recommendations were suggested to strengthen the security controls in the Egyptian banking sector.

This paper seeks to empirically examine the existence and implementation of information security governance (ISG) in Saudi organizations.

An empirical survey, using a self‐administered questionnaire, is conducted to explore and evaluate the current status and the main features of ISG in the Saudi environment. The questionnaire is developed based on ISG guidelines for boards of directors and executive management issued by the Information Technology (IT) Governance Institute and other related materials available in the literature. A total of 167 valid questionnaires are collected and processed using the Statistical Package for Social Sciences, version 16.

The results of the study reveal that although the majority of Saudi organizations recognize the importance of ISG as an integrant factor for the success of IT and corporate governance, most of them have no clear information security strategies or written information security policy statements. The majority of Saudi organizations have no disaster recovery plans to deal with information security incidents and emergencies; information security roles and responsibilities are not clearly defined and communicated. The results also show that alignment between ISG and the organization's overall business strategy is relatively poor and not adequately implemented. The results also show that risk assessment procedures are not adequately and effectively implemented, ISG is not a regular item in the board's agenda, and there are no properly functioning ISG processes or performance‐measuring systems in the majority of Saudi organizations. Accordingly, appropriate actions should be taken to improve implementing and measuring the ISG performance in Saudi organizations.

From a practical standpoint, managers and practitioners alike stand to gain from the findings of this study. The results of the paper enable them to better understand and evaluate ISG and to champion IT development for business success in Saudi organizations.

The objective of this study is to investigate perceived security threats of Computerized Accounting Information Systems (CAIS) that face Jordanian domestic banks. An empirical survey using self‐administrated questionnaire has been carried out to achieve the above‐mentioned objective. The study results reveal that accidental entry of “bad” data by employees, accidental destruction of data by employees; intentional entry of “bad” data by employees and employees’ sharing passwords are the top four security threats that face domestic banks. The paper concludes that most security threats that face domestic banks are internally generated and unintentional.

This study aims to empirically investigate the impact of adopting big data and data analytics (BD&A) on audit quality (AQ).

A questionnaire was distributed among audit practitioners working at audit firms in Egypt and 205 responses were collected. Partial least square structural equation modeling (PLS-SEM) was used to analyze and test research hypotheses.

The results reveal that BD&A has a direct significant positive effect on the audit process (AP) and auditor competence (AC). However, an insignificant impact of BD&A is found on audit fees (AF). In addition, the results indicate that BD&A has significant positive direct and indirect impacts on AQ.

The results of this study will benefit several auditing stakeholders, such as audit firms, audit regulators, novice financial auditors and academic scholars.

This research is one of the earliest to empirically address the role of BD&A in enhancing AQ. It incorporates AP, AC and AF as mediators into a single model to explain the impact of BD&A on AQ. Also, it attempts to provide empirical evidence from a developing country with a less-regulated audit environment.

The purpose of this paper is to explore the importance and implementation of the Control Objectives for Information and Related Technology (COBIT) processes in Saudi organizations.

An empirical survey, using a self‐administered questionnaire, was conducted to achieve this purpose. A total of 500 questionnaires were distributed to a selected sample of organizations in Saudi Arabia. Of these, 127 valid questionnaires – representing 25.4 percent response rate – were collected and analyzed using the Statistical Package for Social Sciences (SPSS) version 16.

The results of this paper reveal that the majority of respondents perceive the importance of the COBIT processes and domains, but a lower percentage believe that such processes are adequately implemented in their organizations. It is observed that banks, financial institutions, and service organizations show more concern and application of COBIT processes compared with other organizations. The results also reveal that IT specialists, internal auditors, and executive managers perceive and appreciate the importance of COBIT processes more than the others.

The results of this paper will enable Saudi organizations to better understand, implement, evaluate, and manage information technology governance (ITG) for their businesses success. The paper provides useful information for executive managers, IT managers, accountants, auditors, and academics to understand the implementation phase and impact of COBIT on ITG in Saudi organizations.

The paper provides useful information for executive managers, IT managers, accountants, auditors, and academics, to understand the implementation phase and impact of COBIT on ITG in Saudi organizations.