Design a comprehensive Model of IT Audit: Grounded Theory Approach

Purpose: Considering technological advances in IT environment and the growing importance of IT audit, the purpose of this study is to design a comprehensive model for IT Audit, considering the environmental characteristics, attributes and conditions surrounding the audit profession in Iran.
Method: This study uses a qualitative approach and the grounded theory method and 30 interviews with experts in the auditing profession. Theoretical sampling method is used in this research and The sample was selected using the Snowball sampling method.
Results: The research data were analyzed using open, axial and selective coding method, which is a component of the grounded theory approach with the aid of maxqda 2018 software and, finally, the integrated model of IT Audit is provided which resulted in the identification of 6 categories of causal conditions, 9 categories of phenomena/context, 14 categories of intervening conditions, 7 categories of action strategies and 8 categories of consequences related to the main phenomenon of research.
Conclusion: Based on the research findings and the proposed model, the consequences of performing IT audit in organizations include reducing the volume of audit documents and reducing time consumption in financial reporting, reducing audit risk, reducing time consumption in audit procedures, increasing audit quality, reducing human error, leaving the current situation, changing from the current situation to optimal condition and stabilization in optimal condition.
Contribution: Due to the lack of comprehensive research in Iran in this regard, the designed multidimensional model is the result of the views of various experts in this field and provides a comprehensive view on information technology auditing and the necessary mechanisms for its implementation in Iran, through which The target community recognizes their needs and seeks success and progress in this area.

Keywords

References

انصاری، عبدالمهدی و خواجوی، حسن، (1389)، حسابرسی فناوری اطلاعات، حسابرس، 51: 100-106.

صنایعی، علی، فیض پور، محمدعلی و نادری بنی، محمود، (1391)، تاثیر فناوری اطلاعات بر زنجیره ارزش شرکت های نمونه صادراتی ایران، تحقیقات بازاریابی نوین، 4(7): 22-43.

عبدخدا، محمدهیوا، احمدی، مریم، حسینی، آغافاطمه، پریخانی، اسماعیل و فرهادی، اکرم، (1392)، بررسی عوامل موثر بر پذیرش فناوری اطلاعات توسط کارکنان بخش مدارک پزشکی بر اساس مدل پذیرش فناوری در بیمارستان های دانشگاه علوم پزشکی تهران، مجله پیاورد سلامت، 7(4): 287-298.

عدالت، احمد و فاضلی، احمد، (1389)، سیستم اطلاعات حسابداری، حسابرس، 51: 90-94.

عرب مازار یزدی، محمد، (1373)، ضرورت بازنگری جایگاه سیستم های اطلاعاتی حسابداری در آموزش و حرفه حسابداری، بررسی های حسابداری، 3(2): 22-42.

فراهی، احمد، فال سلیمان، محمود، حجی پور، محمد، فلزی، مرتضی و حق دوست، ناهید، (1393)، گسترش فناوری اطلاعات، دولت و فضاهای روستایی (مورد مطالعه: روستاهای استان خراسان جنوبی)، برنامه ریزی منطقه ای، 14(4): 76-86.

قربانی زاده، وجه اله، حسن نانگیر، سیدطه و رودساز، حبیب، (1392)، فراتحلیل عوامل موثر بر پذیرش فناوری اطلاعات در ایران، پژوهش های مدیریت در ایران، 17(2): 1-30.

کاهویی، مهدی، بابامحمدی، حسن، قضوی شریعت پناهی، سهیلاسادات و مهدی زاده، جمیله، (1392)، بررسی عوامل بازدارنده در شیوه دستیابی به منابع اطلاعات سلامت در مراقبت پرستاری از دیدگاه پرستاران و دانشجویان پرستاری، مدیریت سلامت، 15(49): 27-38.

مهدوی، غلامحسین و کریمی، زهره، (1393)، بررسی عوامل موثر بر تمایل حسابرسان در استفاده از دستاوردهای فناوری اطلاعات: دیدگاه حسابرسان مستقل، دانش حسابداری، 5(16): 7-31.

مهدی پور، علی و غفاری، محمدجواد، (1389)، تاثیر فناوری اطلاعات بر حسابرسی، حسابدار رسمی، 21(9): 75-80.

Abdulkhoda, Mohammad Hiva et al. (2013), Investigating the factors affecting the acceptance of information technology by the staff of medical records department based on the technology acceptance model in the hospitals of Tehran University of Medical Sciences, Payavard Salamat Journal, 7(4): 287-298. (in Persian)

Adalat, Ahmad, Fazeli, Ahmad. (2010), Accounting Information System, Hesabras Magazine, 51: 90-94. (in Persian)

Angel R. Orter. (2019), Information Technology, Control and Audit, Fifth Edition. Published by Taylor & Francis Group, LLC

Anh Huu NGUYEN, Hanh Hong HA, Soa La NGUYEN. (2020), Determinants of Information Technology Audit Quality, Journal of Asian Finance, Economics and Business, 7(4): 41- 50

Ansari, Abdul Mahdi, Khajavi, Hossein. (2010), IT audit, Hesabras Magazine, 51: 100-106 (in Persian)

Arab Mazar Yazdi, Mohammad. (1994), The need to review the position of accounting information systems in accounting education and profession, Journal of Accounting Reviews, 3(9): 22-42. (in Persian)

Charles e. Davis. (1997), An assessment of accounting information security, the cap journals, 67: 52-70.

Deloitte (2018), General IT Controls (GITC) Risk and Impact. Farahi, Ahmad et al. (2014), Development of Information Technology, Government and Rural Spaces (Case Study: Villages of South Khorasan Province), Quarterly Journal of Regional Planning, 4(14): 76-86. (in Persian)

Ghorbanizadeh, Vajhollah et al. (2013), Meta-analysis of factors affecting the adoption of information technology in Iran, Journal of Management Research in Iran, 2(17): 1-30. (in Persian)

Hatcher L. (1994), A step-by-step approach to using the SAS(R) system for factor analysis and structural equation modeling. Cary, NC: SAS Institute.

Henczel, S. (2001), The information audit: A practical guide. Munich: K.G. Saur. NTOSAI (2019), Guidance on audit of information systems, Retrieved from http://www.issai.org.

Jeong Kim, Michael Mannino, Robert J. Nieschwietz. (2009), Information technology acceptance in the internal audit profession: Impact of technology features and complexity, International Journal of Accounting Information Systems, 10: 214–228.

Kahoui, Mehdi et al. (2013), Investigating the barriers in accessing health information resources in nursing care from the perspective of nurses and nursing students, Journal of Health Management, 15(49): 27-38. (in Persian)

Mahdavi, Ghulam Hussain, Karimi, Zohre. (2014). Investigating the Factors Affecting Auditors' Tendency to Use Information Technology Achievements: The Viewpoint of Independent Auditors, Journal of Accounting Knowledge, 16(1): 7-32. (in Persian)

Maior. P. (2015), Technologies and Methods for Auditing Databases, Procedia Economics and Finance, 26: 991 – 999.

Mazlina Mustapha, Soh Jin Lai (2017), Information Technology in Audit Processes: An Empirical Evidence from Malaysian Audit Firms, International Review of Management and Marketing, 7(2): 53-59.

Mehdipour, Ali, Ghaffari, Mohammad Javad. (2010), The Impact of Information Technology on Auditing, Certified Public Accountant Quarterly Journal, 9: 75-80. (in Persian)

Robert r. Moeller. (2010), IT Audit. Control and security. Published by John Wiley & Sons, Inc., Hoboken, New Jersey.

Saleem, K. S. M. A., & Oleimat, I. M. (2020). The Impact of Computerized Auditing in Reducing audit risks in Jordan. International Journal of Academic Research in Business and Social Sciences, 10(6): 284–298.

Sanaei, Ali et al. (2012), The Impact of Information Technology on the Value Chain of Exemplary Export Companies in Iran, Quarterly Journal of Modern Marketing Research, 2(4): 22-43. (in Persian)

Tommie W. singleton. (2009), What Every IT Auditor Should Know About Scoping an IT Audit, ISACA Journal, 4:1-3.

Venkatesh V, Morris MG, Davis GB, Davis FD (2003), User acceptance of information technology: toward a unified view. MIS Quarterly; 27(3):425– 478.

Article View: 1,811
PDF Download: 1,510

Financial Accounting Knowledge

Design a comprehensive Model of IT Audit: Grounded Theory Approach

References

References

Volume 8, Issue 3 - Serial Number 30
October 2021
Pages 49-79

Design a comprehensive Model of IT Audit: Grounded Theory Approach

References

References

Volume 8, Issue 3 - Serial Number 30October 2021Pages 49-79

Volume 8, Issue 3 - Serial Number 30
October 2021
Pages 49-79