Affordable Access

Publisher Website

The relationship between internal audit and information security: An exploratory investigation

Authors
Journal
International Journal of Accounting Information Systems
1467-0895
Publisher
Elsevier
Volume
13
Issue
3
Identifiers
DOI: 10.1016/j.accinf.2012.06.007
Keywords
  • Internal Audit
  • Information Systems Security
  • Security Behaviors
Disciplines
  • Design

Abstract

Abstract The internal audit and information security functions should work together synergistically: the information security staff designs, implements, and operates various procedures and technologies to protect the organization's information resources, and internal audit provides periodic feedback concerning effectiveness of those activities along with suggestions for improvement. Anecdotal reports in the professional literature, however, suggest that the two functions do not always have a harmonious relationship. This paper presents the first stage of a research program designed to investigate the nature of the relationship between the information security and internal audit functions. It reports the results of a series of semi-structured interviews with both internal auditors and information systems professionals. We develop an exploratory model of the factors that influence the nature of the relationship between the internal audit and information security functions, describe the potential benefits organizations can derive from that relationship, and present propositions to guide future research.

There are no comments yet on this publication. Be the first to share your thoughts.

Statistics

Seen <100 times
0 Comments