Sistemele informationale

8/12/2019 Sistemele informationale

1/16

ijcrb.webs.com

INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESSJULY 2013VOL 5,NO 3

THE EFFECT OFGENERAL CONTROLS OF INFORMATIONSYSTEM AUDITING IN THE PERFORMANCE OF INFORMATION

SYSTEMS :FIELD STUDY

Mansour Naser ALrajaAssistant Professor of Management Information Systems, Jerash University-Jordan

post code 26150 JORDAN

Nayef Rage ALomiamAssistant Professor of public Administration, Jerash University-Jordan

AbstractThis study aimed to determine the role played by the general controls of information systems auditing in

improving the performance of information systems in banks listed in the Amman Stock Exchange . To achieve

the objectives and testing of hypotheses a questionnaire was developed especially for the

collection of data from a study sample, which consisting of (64) employees at banks listed inAmman Stock Exchang, the number of questionnaires analyzed are (52), representing (81.25 %) of

the questionnaires distributed. By using appropriate statistical tests, results of the study

showed that banks listed in Amman Stock Exchangapply General controls of information systems

auditing in general, also it found that there is a significant relationship between general

controls of information systems auditing and information systems performance, and general

controls of information systems auditing has a significant impact on information systems

performance.

Keywords: General controls, Information systems, Auditing, performance, Bank, Amman StockExchange.

1.IntroductionThe need to provide strategic information for all concerned levels, is one of the challenges faced by most

companies in the digital economy, which is witnessing a revolution of the developments and changes at different

levels of economic and social in general and technological especially, information is the core of the

administrative leader work in the business. When the need for efficiently and effectively information increase,

that raise the required for controls and standards include a methodology of systems development review, and

review of the used systems documentation, and also to confirm the effectiveness of legal controls which used at

bank. All this is done by the process of systems auditing, by reviewing all stages of developing the systems and

confirm appropriate controls, and identification and application it, as a result that reducing the economic cost of

the systems and improve the quality of information provided by the systems and thus increase the system's ability

to adapt to the latest changes, leading to achievement of objectives, so this study came to focus on this vital

subject and important in one of the important sectors in Jordan, which is facing increasing competition, it is the

private banking sector.2.Study objectivesThis study aimed to determine the role played by the general controls of information systems

auditing in improving the performance of information systems in banks listed in the Amman

Stock Exchange. We can subdivide this main goal into following goals:

- Determine the role of general controls of information systems auditing in improving the

quality of information provided by the systems

- Determine the role of general controls of information systems auditing in increase the

contribution of information systems to achieve the objectives of the bank.

- Determine the role of general controls of information systems auditing in facilitate the

adaptation of systems with the latest changes.

- Determine the role of general controls of information systems auditing in reducing theeconomic cost of the systems.


2/16

ijcrb.webs.com


3.Literature Review3.1.General Controls of Information System Auditing

As soon as data and management procedures are handled by automated systems, Information

Systems Auditing comes into place. This includes new methodologies and control techniques,

pertinent to an automated environment. Information System Auditing requires an opinionabout the Information Systems and data that they process. The data must be accurate,

complete and authorized. Errors must be properly detected and corrected in time and there

must be planned and accurate procedures to guarantee the continuation of operations(Piattini,

2000). Ron Weber has defined IS audit as "the process of collecting and evaluating evidence

to determine whether a computer system (information system) safeguards assets, maintains

data integrity, achieves organizational goals effectively and consumes resources efficiently."

(Sayana, 2002).

Information System Auditing Objectives: The general Information System Auditing

Objectives are as Follows (Piattini, 2000):

Validation of the organizational aspects and administration of the Information Service

function. Validation of the controls of the system development life cycle.

Validation of access controls to installations, terminals, libraries, etc.

Automation of Internal Auditing activities.

Internal Training.

Training membersof the Information Service Function Department

Collaboration with External Auditors

Controls: consist of all the methods, policies, and organizational procedures that ensure the

safety of the organization's assets, the accuracy and reliability of its accounting records, and

operational adherence to management standards.

Control Objectives: In general, the major control objectives are considered to be as follows

(Piattini, 2000): Safeguarding of assets

Guarantee data accuracy, reliability and authorization

Operation efficiency

Compliance with organizational policies and procedures

Types of IS audit(Auditor Generals, 2006):- Audit of IS general controls.

- Audit of application controls.

- Audit of IS development controls.

- IS performance audit.

3.2.performance of information systemsInformation systems is a group of components that interact to produce information(Kroenke,4,2007), also, an information systems collects, processes, stores, analyzes, and

disseminates information for a specific purpose. While Computer-based information system is

an information system that uses computer technology to perform some or all of its intended

tasks(Turban and others, 2006), information systems exist help business achieve their goals

and objectives, as we know business themselves do not do anything and it cannot act. It is the

people within a business who sell, buy, design, produce, finance, market, account, and

manage. So information systems exist to help people who work in a business to achieve the

goals and objectives of that business(Kroenke, 2007). The basic components of information

system are: hardware, software, database, networks, procedures, and people(Turban and

others, 2006).


3/16

ijcrb.webs.com


A number of important forces affect the pace and effectiveness of progress in using

information systems and in delivering business benefits. The relative weighting of each factor

varies over time, and will also vary from one organization to another. These factors

include(Ward and Peppard, 2002):

1. the capabilities of the technology;2. the economics of deploying the technology;

3. the applications that are feasible;

4. the skills and abilities available, either in-house or from external sources, to develop

the applications;

5. the skills and abilities within the organization to use the applications;

6. the pressures on the particular organization or its industry to improve performance. The top ten dimensions of Information Systems performance (Chang, 2001):

1. Information Systems impact on strategic direction;2. Integration of Information Systems planning with corporate planning;

3. Quality of information outputs;4. Information Systems contribution to organizational financial performance;5. Information Systems function operational efficiency;6. User/management attitudes about Information Systems function;7. Information Systems staff competence;8. Integration with related technologies across other organizational units;9. Adequacy of system development practice; and10.Ability of Information Systems function to identify and assimilate new technologies

3.3.Related Works(Allinson, 2001) in this study Information on principles, techniques and processes used, and

the reason for the recording, storing and releasing of audit information for evidentiarypurposes have been studied. It is shown that most organizations studied generate and retain

audit trails but the approach is not consistent nor is it comprehensive. It is suggested that these

materials would not withstand a serious legal challenge. (Buchanan & Gibb, 2007) This

study discusses three challenges to current practice: limited guidance on management of

scope; ambiguous linkage to related ICT development processes; and the lack of a standard

methodological approach. In response to these challenges, the role and scope of the IA is re-

examined, key relationships to information strategy and information system architecture (ISA)

are defined and mapped, and a two-dimensional matrix is proposed to manage scope.

(Buchanan & Gibb, 2008) they consider the comprehensiveness, applicability, and usability

of four commonly cited information audit methodologies. Comprehensiveness considers the

conceptual, logical, and structural completeness of each methodological approach.

Applicability considers the scope of each approach, and the ability to tailor the approach to

individual organizational requirements. Usability considers the perceived ease with which

each approach can be adopted and applied. A methodological baseline has also been

established, which provides a reusable framework to guide future methodology selection, and

for developing an individual or tailored approach to the information audit. Also (Buchanan &

Gibb, 2008) in the next study they present and discuss five information audit (IA) case

studies, which tested the application and usability of an IA methodology. The studies also

trailed an IA scope matrix and incorporated process modeling. The main strengths of the IA

methodology were found to be the logical structuring of stages, provision of a comprehensive

toolkit, and the flexibility to remove stages not relevant to the client brief. A limitation of themethodology was found to be its lack of instructional depth. The IA scope matrix was


4/16

ijcrb.webs.com


successfully trailed, and process modelling proved extremely valuable, encouraging

participant involvement by focusing on readily understandable aspects of day-to-day work,

and providing an organizational model of information flow.(Philee, 2009)Hamed and Hoda

Philee considered that the information technology and business internal controls as a major

factor for business security, they found the IT usage need to strong internal controls .

4.Study QuestionsWe can summarize the main problem of the study by asking: what is the impact of general

controls of information systems auditing in the performance of information systems in banks

listed in the Amman Securities Exchangee? We can subdivide this main question intofollowing questions:

- what is the impact of general controls of information systems auditing in improving the

quality of information provided by the systems?

- what is the impact of general controls of information systems auditing in increase the

contribution of information systems to achieve the objectives of the bank?

- what is the impact of general controls of information systems auditing in facilitate theadaptation of systems with the latest changes?

- what is the impact of general controls of information systems auditing in reducing the

economic cost of the systems?

5.Hypothesis and Study ModelTo answer the study questions, the research depend on the following main hypothesis: There

is a significant effect of general controls of information systems auditing on the performance

of information systems in banks listed in the Amman Securities Exchange? And subdivided

by the following assumptions:- There is a significant effect of general controls of information systems auditing on

improving the quality of information provided by the systems?

- There is a significant effect of general controls of information systems auditing on increase

the contribution of information systems to achieve the objectives of the bank?

- There is a significant effect of general controls of information systems auditing on facilitate

the adaptation of systems with the latest changes?- There is a significant effect of general controls of information systems auditing on economic

cost of the systems?

General Controls of Information Information Systems Performance

systems Auditing

Information systems

Strategy.

Documentation

Legal Controls to

protect Information

Quality of information

Information system

contribution

The system's ability to adapt

to the new changes

Economic cost of the system


5/16

ijcrb.webs.com


6.Methodology6.1.Population and SampleThe target population for this study comprised all the Banks listed in Amman Securities Exchange. A sample of

(8) banks were chosen randomly from the targeted population, 58 questionnaires were distributed, the response

rate was about 81.25 % (52 usable responses). 6.2.Data CollectionSecondary datawas collected based on the findings of published papers, articles, books, prior studies, and the

World Wide Web. The primary data collection was carried out using a self-designed questionnaire, this

adopted instrument comprises three sections, the first section covers the demographic information (Gender, Age,Period of working at bank, Education ), the second section contains (18) items measuring Information systems

performance, the third section measures general controls of Information systems auditing through (21) items

also, Five Likert-type scales were used to score the responses.

6.3.Instrument ReliabilityThe reliability of data collected instrument was measured using Cronbach's alpha coefficient;

the reliability test was conducted to check for inter-item correlation in each of the variables in

the questionnaire. The closer Cronbach's alpha is to one, the higher the internal consistency

reliability (Sekaran, 2003). The test results are as follows: Cronbach alpha for IndependentVariable = 0.785, Cronbach alpha for dependent Variable = 0.899, Cronbach alpha for over all

instruments = 0.912 which approached to the acceptable limit.

6.4.Data Analysis MethodsStatistical Package for Social Sciences (SPSS) was used to analyze the data. Descriptive

techniques such as; frequencies, percentages, means, standard deviation (Std.) and coefficient

of variation were used to describe the variables. Spearman correlation and multiple regression

analysis were used to test hypothesis of the study.

7.Statistics Analysis and Hypothesis Testing

7.1.Analysis of Personal and Functional CharacteristicsWe used several questions to find out the distribution of the study sample, according topersonal and functional characteristics, such as gender, age, Period of working at bank, and

Education. Table (1) shows these properties.Table (1) Personal and Functional Characteristics (N=52)

VariableFrequencyPercent

GENDERmale2853.8

female2446.2

AGE

less than 30 years2038.5

31- 401936.5

41 - 50815.4

51and more59.6

EDUCATION

pre bachelor59.6

bachelor3969.2

MBA & PhD1121.2

Period of working at

bank

5years and less2140.4

from 6 to 101834.6

from 11 to 151019.2

16and more35.8


6/16

ijcrb.webs.com


7.2.Study variables DescriptionTo determine the availability of the study variables, we divided the main independent variable into three major

dimensions, and the dependent variable into four major dimensions, each dimension was measured with a set of

indicators shown in the table(2).

Table (1) variables Description Characteristics (N=52)

Std.MeanQuestionsNo.

1.279113.8269There is a clear definition of the vision and mission of information systems.1

1.102584.0000There is a clear methodology for strategic planning for information systems linked to the

overall strategy of the bank.2

1.160404.2885Strategic plan identifies key priorities for information systems, and resources tha tsystems need.

3

1.028263.9615Information systems unit is involved in building and implement the overall strategy of

the bank.4

.811754.0192(x1) information systems Strategy.

.916383.9423The bank Documents all procedures used in data collection.5

.995284.0962The Bank has a mechanism to make sure that the data collected, is in conformity with the

procedures adopted by the bank.6

.949724.0000The Bank has written standards describe where and when the operating procedures

perform.7

1.161703.9423The performance of information systems performance is Measured by documented

standards.8

1.177343.5769There is a standard format for recording data.9

1.085353.8077All models adopted by the bank, dated.10

1.143383.7115The name of person or entitywhich collect the data is specified on these forms.11

1.063593.9231The auditing of the data recorded, done by another specialist.12

1.169463.7500The bank relies specific actions are periodically carried out to ensure the accuracy of theinformation system.

13

.674923.8611(x2) Documentation.

1.320884.0192The Bank uses passwords and smart cards to verify the identity of persons and data

sources.14

1.173493.7308To protect data against illegal use, the bank determine the responsibilities of access to

data and to deal with it.15

1.188653.8654protection procedures Increase whenever the importance of data Increase.16

1.074003.9423The bank use the data encryption technology to protect it from change and replacement.17

1.165753.8846Toprotect the data, bank uses a system to registration the date and time of the codes, turnit off, suspended, restarted, and cancellation.

18

1.218263.9231There is deterrent procedures against those whodisplay the system and information to

penetrate and danger.19

1.152094.0769

Bank relies protection standards comparable to international used standards.20

.928033.9615The bank regulations require that the users of information systems must be expertise and

competence.21

.820343.9255(x3) Legal Controls to protect Information Systems

.487233.9158(X) General Controls of Information Systems Auditing

1.334094.1538The information which provided by the systems is Features with modernity.22

1.074003.9423The information is provided at the right time.23

1.047874.0000The provided information is featured with the sincerity and consistency.24

.957624.1538The provided information is featured with the accurate, realistic and concise..25

1.252903.8654The provided information is featured with the flexibility.26

1.057013.9808Information is provided according to the requirements of beneficiary using multiplemethods.

27


7/16

ijcrb.webs.com


.793674.0160(y1) Quality of information provided by systems

1.170913.9615The current Information systems is correspond with requirements of decisions relating to

the achievement of the objectives of the Bank in general.28

1.130943.7692Information systems which used in the bank, guarantee provide service to all units and

departments in the bank.29

1.065714.0385There is an integration and mutual coordination between the different departments in theBank, to use information from the placed plans, correspondence with the unity and

stability of the objectives to be achieved.30

1.412083.9231Information systems which used at the bank, helps to quickly provide information in

response to customer requirements.31

1.152583.7500Information systems which used at the bank, enables to complete doing daily works

immediately on-line.32

.831173.8885(y2)Information system contribution to achieving the objectives of the bank

1.192453.9038Information systems which used at the bank is featured with highly efficient of storage,

classification, retrieval, and update data and information that I need in my work.33

1.188184.0000Information provided by the information systems which used at the bank meet the needs

of decision makers at all administrative levels.34

.980004.0192Information systemswhich used at the bank is featured with ability to provide the

information in spite of the size growing and diversity of operations.35

1.090723.7885The information has the required of accuracy and reliability in spite of the size growing

of operations.36

.767503.9279(y3) The system's ability to adapt to the new changes

1.177183.7885Information provided by the current Information Systems provides useful return justify

their cost.37

1.172203.8077Usually I get better results for my decisions when I depend on information provided by

the system.38

1.226283.5769Information systems helps to strengthen the financial position of the bank by reducingcosts and increasing sales.

39

.932873.7244(y4) Economic cost of the system

.701123.9124(Y) Information Systems Performance

7.2.1.General Controls of Information System AuditingAs it clear from the table (2) the total mean is (3.9158), and the answers of the study sample on these

dimensions were close, the standard deviation indicates that, which was (.48723), which reflects the perception

of respondents to the importance of General Controls of Information System Auditing, this importance was

according to the views of sample members, arranged as follows: information systems Strategy with mean

(4.0192) and a standard deviation (.81175), second place Legal Controls to protect Information Systems with

mean (3.9255) and a standard deviation (.82034), and came Documentation in third place with mean (3.8611)

and a standard deviation (.67492)

7.2.2.performance of information systemsAlso from the table (2) we can see the total mean of information systems performance is (3.9124), and theanswers of the study sample on these dimensions were very close, the standard deviation indicates that, which

was (.70112), the arrangement of these dimensions according to the sample members opinion, as follows:

Quality of information provided by systems with mean (4.0160) and a standard deviation (.79367), second place

The system's ability to adapt to the new changes with mean (3.9279) and a standard deviation (.76750) , third

place Information system contribution to achieving the objectives of the bank with mean (3.8885) and a standard

deviation (.83117), and Economic cost of the system came in fourth place with mean (3.7244) and a standard

deviation (.93287).


8/16

ijcrb.webs.com


7.3.Hypothesis TestingWe used Pearson's test to identify if there is relationship between General Controls of

Information System Auditing and performance of information systems, As it seen in Table

(3), the output indicates that there is a positive significant correlation at (P

0.01) betweenGeneral Controls of Information System Auditing and information systems performance,

which implies that the Banks which listed in Amman Securities Exchange focus on

information systems audit to improve the systems performance but they must give more

important to the information systems auditing in the future (r = 0.725), also we can note that

there is no relationship Legal Controls to protect Information Systems and performance of

information systems and sometimes sounds negative .

Table (3)Correlations (N=52)

X x1 x2 x3

Y Pearson Correlation .725** .803** .861** -.063

Sig. (2-tailed) .000 .000 .000 .656

N 52 52 52 52

y1 Pearson Correlation .647** .793** .749** -.077

Sig. (2-tailed) .000 .000 .000 .590

N 52 52 52 52


Sig. (2-tailed) .000 .000 .000 .590

N 52 52 52 52


Sig. (2-tailed) .001 .001 .000 .418

N 52 52 52 52

y4 Pearson Correlation .672** .637** .700** .085

Sig. (2-tailed) .000 .000 .000 .550

N 52 52 52 52** Correlation is significant at the 0.01 level (2-tailed).

* Correlation is significant at the 0.05 level (2-tailed).


9/16

ijcrb.webs.com


Multiple regression analysis was conducted to test the hypotheses. Multiple regression

identifies how much of the variance in the dependent variable will be explained when a set of

variables is able to predict a particular outcome. Using multiple regression analysis is subject

to normality of the data.

Hypothesis 1:Table (4) Model Summary

Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .840a .705 .687 .44419

a. Predictors: (Constant), x3, x1, x2

Table (5) ANOVAb

Model Sum of Squares df Mean Square F Sig.

1 Regression 22.655 3 7.552 38.274 .000a

Residual 9.471 48 .197

Total 32.126 51


b. Dependent Variable: y1

Table (6) Coefficientsa

Model

Unstandardized Coefficients

Standardized

Coefficients

B Std. Error Beta t Sig.

1 (Constant) .148 .505 .293 .771

x1 .516 .106 .528 4.854 .000

x2 .451 .129 .384 3.510 .001

x3 .013 .076 .013 .168 .867

a. Dependent Variable: y1

adopt to the results of regression analysis, the General Controls of Information Systems Auditing (especially (x1)

information systems Strategy and (x2) Documentation) as it seen in table (6) affect directly in order ( =

0.528, 0.384, P0.01) on Information Quality, as it shown from table (4) (R2= 0. 705) This means that GeneralControls of Information Systems Auditing have been interpreted (70.5%) of the variance in Information Quality

that provided by Information systems, and also we noted from table (5) that the value of the statistical test (F =

38.274) is statistically significant at (P 0.01). this analysis lead us to accept the first hypothesis which said:

There is a significant effect at level (P 0.01) of general controls of information systems auditing on

improving the quality of information provided by the systems.


10/16

ijcrb.webs.com


Hypothesis 2:

Table (7) Model Summary

Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .861a .741 .725 .43608


Table (8) ANOVAb


1 Regression 26.105 3 8.702 45.759 .000a

Residual 9.128 48 .190

Total 35.233 51




Model


Standardized

Coefficients


1 (Constant) -.381 .496 -.767 .447

x1 .428 .104 .418 4.100 .000

x2 .638 .126 .518 5.059 .000

x3 .021 .075 .021 .282 .779


adopt to the results of regression analysis, the General Controls of Information Systems Auditing (especially(x2)

Documentation and (x1) information systems Strategy) as it seen in table (9) affect directly in order ( =

0.518, 0.418, P

0.01) on information systems contribution to achieve the bank goals, as it shown from table (7)(R2= 0.741) This means that General Controls of Information Systems Auditing have been interpreted (74.1%)

of the variance in information systems contribution to achieve the bank goals, and also we noted from table (8)

that the value of the statistical test (F = 45.759) is statistically significant at (P 0.01). this analysis lead us to

accept the second hypothesis which said: There is a significant effect at level (P 0.01) of general controls ofinformation systems auditing on increase the contribution of information systems to achieve the objectives of the

bank.


11/16

ijcrb.webs.com


Hypothesis 3:


Model R R SquareAdjusted R

SquareStd. Error of the

Estimate

1 .648a .420 .384 .60246


Table (11) ANOVAb


1 Regression 12.620 3 4.207 11.590 .000

a

Residual 17.422 48 .363

Total 30.042 51




Model


Standardized

Coefficients


1 (Constant) 1.258 .685 1.835 .073

x1 -.022 .144 -.023 -.149 .882

x2 .749 .174 .658 4.294 .000

x3 -.034 .104 -.036 -.329 .744


adopt to the results of regression analysis, the General Controls of Information Systems Auditing (especially(x2)

Documentation) as it seen in table (12) affect directly ( = 0.658, P0.01) on the system ability to convoy rapidchanges, as it shown from table (10) (R

2= 0.420) This means that General Controls of Information Systems

Auditing have been interpreted (42%) of the variance in the system ability to convoy rapid changes, as it shownfrom table, and also we noted from table (11) that the value of the statistical test (F = 11.590) is statistically

significant at (P 0.01). this analysis lead us to accept the third hypothesis which said: There is a significant

effect at level (P 0.01) of general controls of information systems auditing on facilitate the adaptation of

systems with the latest changes.


12/16

ijcrb.webs.com


Hypothesis 4:


Model R R SquareAdjusted R

SquareStd. Error of the

Estimate

1 .751a .564 .536 .63513


Table (14) ANOVAb


1 Regression 25.020 3 8.340 20.675 .000a

Residual 19.363 48 .403

Total 44.382 51




Model


Standardized

Coefficients


1 (Constant) -1.158 .723 -1.603 .116

x1 .334 .152 .291 2.195 .033

x2 .718 .184 .520 3.909 .000

x3 .195 .109 .172 1.788 .080


depending on the results of regression analysis, the General Controls of Information Systems Auditing

(especially(x2) Documentation) as it seen in table (15) affect directly ( = 0.261, P0.01) on economic cost ofsystems, as it shown from table (13) (R2= 0. 564) This means that General Controls of Information Systems

Auditing have been interpreted (56.4%) of the variance in the economic cost of systems, and also we noted from

table (14) that the value of the statistical test (F = 20.675) is statistically significant at (P 0.01). this analysis

lead us to accept the fourth hypothesis which said: There is a significant effect at level (P 0.01) of generalcontrols of information systems auditing on economic cost of the systems.


13/16

ijcrb.webs.com


Main Hypothesis:


Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .908a .824 .813 .30349


Table (17) ANOVAb


1 Regression 20.649 3 6.883 74.727 .000a

Residual 4.421 48 .092

Total 25.070 51


b. Dependent Variable: Y


Model


Standardized

Coefficients


1 (Constant) .030 .345 .087 .931

x1 .342 .073 .396 4.704 .000

x2 .614 .088 .591 6.989 .000

x3 .035 .052 .041 .673 .504

a. Dependent Variable: Y

As it clear from the results of regression analysis, the General Controls of Information Systems Auditing

(especially(x2) Documentation and(x1) information systems Strategy) as it seen in table (18) affect directly

in order ( = 0.591, 0.396, P0.01) on Information systems Performance (quality of information provided

by systems, information system contribution to achieving the objectives of the bank, the system's ability toadapt to the new changes, economic cost of the system), as it shown from table (16) (R2= 0.824) Thismeans that General Controls of Information Systems Auditing have been interpreted (82.4%) of the variance in

Information systems Performance, and also we noted from table (17) that the value of the statistical test (F =

74.727) is statistically significant at (P 0.01). this analysis lead us to accept the main hypothesis which said:

There is a significant effect at level (P 0.01) of general controls of information systems auditing on theperformance of information systems in banks listed in the Amman Securities Exchange.


14/16

ijcrb.webs.com


8.ConclusionsAfter analyzing the data and testing the hypotheses, the following major conclusions were

reached:1. General controls of information systems auditing dimensions (Information Systems Strategy,

Documentation, and Legal Controls) are provided in high percentages with a mean(4.0192, 3.8611, 3.9255) compared with the expected mean which is (3).T

2. here is significant statistical relationship between general controls of information systemsauditing and information systems performance at the confidence level (P0.01).

3. The study revealed that general controls of information systems auditing have a significantstatistical impact on information systems performance and explains (82.4%) of the

variation in information systems performance

9.RecommendationsAccording to the findings of this study we can give some suggestions, might be they can help

managers in the banks that listed at Amman Securities Exchange if they use them effectively.

1.Banks that listed at Amman Securities Exchange highly encouraged to illustrate the strong

relationship between general controls of information systems auditing and informationsystems performance especially Legal Controls to protect Information Systems.

2.Banks that listed at Amman Securities Exchange highly encouraged to develop a clearstrategy allow them to increase the role of general controls of information systems

auditing in improvement Economic cost of the system, and Information system

contribution to achieving the objectives of the bank.

3.reinforcement the role of general controls of information systems auditing in raisingQuality of information provided by systems, andThe system's ability to adapt to the new

changes


15/16

ijcrb.webs.com


References

1. Steven Buchanan, Forbes Gibb, The information audit: Theory versus practice,International Journal of Information Management28 (2008) 150160.

2. Steven Buchanan, Forbes Gibb, The information audit: Methodology selection,International Journal of Information Management28 (2008) 3-11.3. Steven Buchanan, Forbes Gibb, The information audit: Role and scope, International

Journal of Information Management 27 (2007) 159172.

4. Caroline Allinson, Information Systems Audit Trails in Legal Proceedings asEvidence, Computers & SecurityVol.20, No.5, pp.409-421, 2001.

5. Hamed and Hoda Philee, Information Technology and Internal Controls, February 6,2009, http://ssrn.com/.

6. Western Australian Auditor Generals Report, Information Systems Audit Report,Report2April 2009.

7. The Auditor Generals, Methodological Recommendations for Information Systems

Audit, Order No. V-65 of 27 April 2006.8. Mario Piattini, Auditing information systems , Chapter I, Basic Concepts of

Information System Auditing, Rafael Rodrguez de Cora, 2000, IDEA Group

Publishing.

9. Anantha Sayana, The Information System Audit Process, Information SystemsControl Journal, Volume 1, 2002.

10.IS AUDITING PROCEDURE EVALUATION OF MANAGEMENT CONTROLSOVER ENCRYPTION METHODOLOGIES DOCUMENT P9,2009 ISACA.

11.IS AUDITING PROCEDURE IRREGULARITIES AND ILLEGAL ACTSDOCUMENT P7,2009 ISACA.

12.IS AUDITING GUIDELINE, G6 MATERIALITY CONCEPTS FOR AUDITINGINFORMATION SYSTEMS,2009 ISACA.

13.IS AUDITING GUIDELINE FOLLOW-UP ACTIVITIES DOCUMENT G35 ,2009ISACA.

14.IS AUDITING GUIDELINE, G8AUDIT DOCUMENTATION,2009 ISACA.15.IS AUDITING GUIDELINE, G39IT ORGANISATION, 2009 ISACA.16.IS AUDITING PROCEDURE, P1IS RISK ASSESSMENT MEASUREMENT, 2009

ISACA.

17.Ward, John and Peppard, Joe (2002) Strategic Planning for Information Systems,Third Edition, John Wiley & Sons Ltd, England

18.Kroenke, David M. (2007), Using MIS, Pearson Education, Inc, New Jersey.19.Turban, Efraim and leidner, Dorothy and Mclean, Ephraim and Wetherbe, James with

contribution by: Chung, Christy and Tse, Daniel and Lew, Maggie (2006),

Information Technology for management transforming organizations in the

digital economy, 5thEdition, John Wiley & sons, Inc.

20.Chang, Cha-Jan Jerry(2001), the development of a measure to assess the performanceof the information systems function: a multiple-constituency approach, PhD thesis,

Faculty of the Katz Graduate School of Business, University of Pittsburgh.
http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/http://hamed%20and%20hoda%20philee%2C%20information%20technology%20and%20internal%20controls%2C%20february%206%2C%202009%2C%20http/ssrn.com/


16/16

Reproduced with permission of the copyright owner. Further reproduction prohibited without

permission.

Sistemele informationale

Documents

Transcript of Sistemele informationale