Tung-Hsien Wu , Shaio Yan Huang , An-An Chiu , David C. Yen
{"title":"IT governance and IT controls: Analysis from an internal auditing perspective","authors":"Tung-Hsien Wu , Shaio Yan Huang , An-An Chiu , David C. Yen","doi":"10.1016/j.accinf.2023.100663","DOIUrl":null,"url":null,"abstract":"<div><p>Inadequate information technology (IT) management can lead to system ineffectiveness and operational stagnation within enterprises. While the application of IT governance provides a means for companies to validate IT functionality, oversee IT operations, and mitigate IT-associated risks, there is a paucity of research examining its implications of IT governance on IT controls, particularly within the context of a firm’s Internal Audit Function (IAF). Addressing this gap in the literature, this research delves into the relationship between the characteristics of the IAF and IT governance within the IAF. It further probes the linkage between IT governance associated with the IAF and IT control activities. We analyze survey data from 414 internal auditors across various Taiwanese companies using partial least squares regression. The findings suggest that IT knowledge and internal auditing roles have a significantly positive relationship with the quality of the IAF-IT relationship and IT governance processes. Similarly, IT audit competencies exhibit a significantly positive relationship with IT governance processes. Furthermore, properly structured IT governance processes and a high-quality IAF-IT relationship demonstrate a positive association with the effectiveness of general controls. This research amalgamates and extends prior investigations into IT governance and internal auditing, underlining their critical role in successfully implementing superior IT controls.</p></div>","PeriodicalId":47170,"journal":{"name":"International Journal of Accounting Information Systems","volume":null,"pages":null},"PeriodicalIF":4.1000,"publicationDate":"2023-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Accounting Information Systems","FirstCategoryId":"91","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1467089523000556","RegionNum":3,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"BUSINESS","Score":null,"Total":0}
引用次数: 0
Abstract
Inadequate information technology (IT) management can lead to system ineffectiveness and operational stagnation within enterprises. While the application of IT governance provides a means for companies to validate IT functionality, oversee IT operations, and mitigate IT-associated risks, there is a paucity of research examining its implications of IT governance on IT controls, particularly within the context of a firm’s Internal Audit Function (IAF). Addressing this gap in the literature, this research delves into the relationship between the characteristics of the IAF and IT governance within the IAF. It further probes the linkage between IT governance associated with the IAF and IT control activities. We analyze survey data from 414 internal auditors across various Taiwanese companies using partial least squares regression. The findings suggest that IT knowledge and internal auditing roles have a significantly positive relationship with the quality of the IAF-IT relationship and IT governance processes. Similarly, IT audit competencies exhibit a significantly positive relationship with IT governance processes. Furthermore, properly structured IT governance processes and a high-quality IAF-IT relationship demonstrate a positive association with the effectiveness of general controls. This research amalgamates and extends prior investigations into IT governance and internal auditing, underlining their critical role in successfully implementing superior IT controls.
信息技术(IT)管理不力会导致系统效率低下和企业运营停滞。虽然 IT 治理的应用为企业提供了验证 IT 功能、监督 IT 运营和降低 IT 相关风险的手段,但很少有研究探讨 IT 治理对 IT 控制的影响,尤其是在企业内部审计职能(IAF)的背景下。针对这一文献空白,本研究深入探讨了内部审计职能部门的特点与内部审计职能部门内部 IT 治理之间的关系。研究还进一步探讨了与内部审计机构相关的 IT 治理与 IT 控制活动之间的联系。我们使用偏最小二乘法回归分析了来自台湾各公司 414 名内部审计师的调查数据。研究结果表明,IT 知识和内部审计角色与 IAF-IT 关系和 IT 治理流程的质量有显著的正相关关系。同样,IT 审计能力与 IT 治理流程也呈显著正相关。此外,结构合理的 IT 治理流程和高质量的 IAF-IT 关系与一般控制的有效性呈正相关。这项研究合并并扩展了之前对信息技术治理和内部审计的调查,强调了它们在成功实施卓越信息技术控制中的关键作用。
期刊介绍:
The International Journal of Accounting Information Systems will publish thoughtful, well developed articles that examine the rapidly evolving relationship between accounting and information technology. Articles may range from empirical to analytical, from practice-based to the development of new techniques, but must be related to problems facing the integration of accounting and information technology. The journal will address (but will not limit itself to) the following specific issues: control and auditability of information systems; management of information technology; artificial intelligence research in accounting; development issues in accounting and information systems; human factors issues related to information technology; development of theories related to information technology; methodological issues in information technology research; information systems validation; human–computer interaction research in accounting information systems. The journal welcomes and encourages articles from both practitioners and academicians.