Jag,Pathak,Cff

Abstract:The categories of e-commerce, like Business-to-Business (B2B), Business-to-Customers (B2C) and mobile Commerce (m-Commerce) makes use of core technologies different from each other (Salazar et al, 2003; Maxey, 2001) however, the common factor remains unchanged from the auditors' perception, i.e. risk and its potential to harm the integrity and accuracy of the data and decisions based on such data. E-commerce has begun in its varied facets. As an auditor, one may have to audit them. My effort is to identify the risks and show their impact on the assurance of the information system of any organization. AICPA/CICA (Cashell & Aldhizer III, 1999; Primoff, 1998) has jointly offered seal of assurance at web level and system level. The limitations of these certifications are equally important for an auditor as the objectives and the perceptions of these approval auditors are limited to their respective goals established by these accounting bodies. But, the role and functions of an auditor are beyond those of the assurance approval auditors. The organizational decision making processes are dependent on various segments of information bases whereas these assurance providers audit a limited amount related to their interest. This conceptual paper attempts to show why an auditor is expected to provide a much higher level of assurance to the organizational executives amidst a plethora of risks faced by their information and databases and accordingly a framework is provided for auditors to be implemented in the cyber entities under their review.

Computer Science,Business

Diogo Leocádio,Luís Malheiro,João Reis

DOI: https://doi.org/10.3390/admsci14100238

2024-09-28

Administrative Sciences

Abstract:The transition to digital business systems has revolutionized organizational operations, driven by the integration of advanced technologies such as artificial intelligence (AI). This integration indicates a shift, redefining traditional practices and enhancing efficiency across diverse sectors such as finance, healthcare, and manufacturing. This study explores the impact of AI on auditing through a systematic literature review to develop a conceptual framework for auditing practices. The theoretical implications show the transformative role of AI in redefining auditors’ roles, shifting from retrospective examination to proactive real-time monitoring. Moreover, managerial contributions stress the benefits of AI integration, enabling informed decision-making in risk analysis, financial management, and regulatory compliance. Future research should explore AI’s influence on auditing efficiency, performance, regulatory challenges, and auditor adaptation. Overall, this study underlines the importance for organizations to embrace AI integration in auditing practices, fostering innovation, competitiveness, and resilience.

Alih Usman,Ayoib Che-Ahmad,Salau Olarinoye Abdulmalik

DOI: https://doi.org/10.26668/businessreview/2023.v8i8.2922

2023-08-07

International Journal of Professional Business Review

Abstract:Purpose: This paper aims to establish a theoretical framework that will enhance the examination of the role of internal auditors in cybersecurity risk assessment in financial-based business organizations. Financial-based business organizations are institutions or companies that render financial services to public and private stakeholders in an economy. It is a powerful sector in the economy of every country. This drive poses a lot of challenges to organizations. Hence, business organizations strategically devised a means to safeguard the integrity, confidentiality, and availability of information. Also, innovation poses many risks and threats to the internal audit function in an organization. Theoretical Framework/Findings: Using the competency and planned behaviour theories (McClelland 1973 and Ajzen,1991), this study disclosed that the task performance of cybersecurity risk assessment by the internal auditor is influenced by the required internal auditor’s characteristics of professional ethics of integrity and objectivity, personality traits, professional skills competency professional knowledge competency and deterrence and rewards to advise the management on the implications of cyber security risk on business organisations for monitoring and mitigations. Methodology: A literature review approach is adopted to highlight the role of internal auditors in cyber security risk assessment in financial–based business organizations. Research Limitation/Implication: This conceptual paper has consequences for the practice of internal auditing. This approach is helpful to academic scholars in testing it out in the real world. This model is helpful to practitioners when evaluating the function of IAs in the cybersecurity risk assessment context. Originality/Values: Earlier auditing-related studies haven't addressed this problem. This study makes an effort to close such a gap and investigate the subject of the internal auditor’s characteristics and cyber security risk assessment among financial-based organizations.

YangYue Zhang

DOI: https://doi.org/10.2991/etmhs-18.2018.95

2018-01-01

Abstract:More and more enterprises use e-commerce to carry out business activities. Compared with traditional enterprises, e-commerce enterprises have their own unique characteristics, and thus have different effects on auditing. It expands the scope and the content of the audit, injects new vitality into the audit.However, at the same time it increases the...

Yan Li,Ming Zhao,Huiping Sun,Zhong Chen

DOI: https://doi.org/10.1109/icebe.2008.80

2008-01-01

Abstract:As e-commerce always suffers from the uncertainty, cheats and attacks, concepts of trust and risk are brought in to enhance on-line business. Several models or frameworks for dealing with uncertainty and threats in cyberspace have been proposed in the literature, but few explicitly consider trust and risk as two separate factors that influence different aspects of on-line interactions independently. This paper presents a novel framework which considers trust and risk as two key dimensions to strengthen interactions in e-commerce. Moreover, a novel method of trust evaluation is proposed to represent confidence in the success of a transaction. And a new method of risk assessment is also presented to indicate impacts on assets and resources. Finally, simulation results also indicate that our framework is able to enhance interactions in e-commerce more powerfully, efficiently and rationally.

Madhu Vij,Jayant Palan

DOI: https://doi.org/10.1177/jmrt.22.1023231

2022-03-01

GLIMS Journal of Management Review and Transformation

Abstract:A new perspective of risk management in the context of emergence of new technologies and innovations has not only changed the risk landscape in the last few years but has also prompted an important shift in the role of auditors and Chief Financial Officers (CFOs) in organizations. Auditors along with senior management need to take a holistic and forward trending view on the emerging risk and risk management practices. They need to be transparent about arriving at the audit opinion and expand their coverage in implementing and improving compliance, governance and risk management-related processes and controls within an organization. New ways and perspectives of risk management have emerged and board, senior leaders, regulators, leaders have all expanded their focus to include the concept of enterprise risk management (ERM). The realities of an ever-changing world with frequent business disruptions have made the concept of ERM important in companies. With the changing times and dynamic scenario that has arisen due to the pandemic, leading organizations are increasingly expecting auditors and CFOs to ensure that they integrate risk into strategic decision-making so as to make smarter decisions. Auditors need to move away from a siloed approach to a more consolidated risk assessment and monitoring perspective. They need to add focus to the top risk areas, think about the return for the organization, avoid unnecessary governance and compliance, and provide objective assurance to the board regarding risk management efficiency.

Wenquan Shi

DOI: https://doi.org/10.1186/s13638-021-02024-z

2021-07-09

EURASIP Journal on Wireless Communications and Networking

Abstract:Abstract E-commerce has broken through the pattern and boundary of traditional commodity exchange, so that there is no need for face-to-face transactions between merchants and consumers. This has impacted the traditional accounting industry, which broke the environmental setting of traditional accounting industry. This requires the extension and expansion of the economic environment of the new accounting industry, which has led to the computerization of accounting and the network of further upgrades. Accounting computerization and networking have greatly improved the speed and accuracy of accounting information processing, and at the same time made the classification of accounting duties more clear. However, accounting computerization and higher-level networking have in turn affected the development of e-commerce. Due to the rapid development of e-commerce, the corresponding internal auditing schemes of traditional enterprises have been unable to meet accounting and computerization. The impact of this will constrain the further development of e-commerce. Accounting computerization and networking the internal audit of e-commerce is mainly reflected in clues, internal control, and content and environment issues. This paper analyses the impact of accounting computerization and networking on the internal auditing of e-commerce, and finally analyse the auditing setup and experience based on a company H in the accounting information system, and explore the accounting calculation. In the context of globalization and networking, the strategy of how to deal with the trial and control part of e-commerce.

telecommunications,engineering, electrical & electronic

Akash Bhardwaj

Abstract:the ideas, Trust, Risk, Privacy and Security, are broadly utilized in different investigations done by numerous controls, and they are frequently mistakenly allowed to nearly as equivalent words. The point is to clear up the ideas from the buyer perspective in internet business. The discoveries of our subjective examination recommend a few connections between the four ideas and fills in as building obstructs for further research. Electronic business has expanded significantly as of late, as a result of the transformation in data innovation. The administrations given by online business organizations could be influenced by a few factors, for example, protection, security, trusts and saw dangers. In this paper, we propose a fundamental hypothetical model that researches the connection between protection, security concerns, and saw dangers, and how it would identify with clients' dimension of trust in internet business. An overview that includes 100 members has been directed and broke down testing various theories concentrated on concentrate the qualities of each factor, and its impact on the apparent dangers related with startling circumstances. The aftereffects of this examination think about demonstrate that a positive relationship exists between the apparent dangers and a portion of the security properties, for example, control and notice. A positive relationship additionally exists between the apparent dangers and a portion of the security traits, for example, privately and uprightness. Further, the investigation exhibits a positive connection between saw dangers and clients' dimension of trust.

Computer Science,Business

Vilena A. YAKIMOVA,Viktor S. RADOMSKII

DOI: https://doi.org/10.24891/ni.17.8.1491

2021-08-16

Abstract:Subject. The article focuses on organizational and methodological issues of internal compliance control in e-commerce businesses. Objectives. We refine the design and technique of internal compliance control for e-commerce businesses. Methods. The study relies upon methods of analysis and generalization, grouping, systematization, risk-based, systems and business process approaches. Results. We devised the five-component compliance control sysem, determined its principles and functions ensuring the economic security of e-commerce businesses. We suggest conducting compliance procedures intended to mitigate IT risks and accounting for the specifics of e-commerce business processes. Conclusions and Relevance. In e-commerce, compliance control serves for identifying and monitoring compliance risks, ensuring safe operations of businesses, which is vital for people. The information system for IT risk protection was found to underlie compliance control, while control procedures can be classified into general and applied. The findings can be used to set up a reliable and effective compliance system for e-commerce businesses in order to prevent economic abuses and crime.

Oluwaseun Oladeji Olaniyi,Dagogo Sopriala Omubo

DOI: https://doi.org/10.24940/ijird/2023/v12/i5/may23001

2023-06-21

International Journal of Innovative Research and Development

Abstract:This article examines the significance of the COSO framework in managing risks and establishing effective control environments for organizations' IT systems. It delves into the five essential components of both the COSO frameworks for internal control and enterprise resource management. Furthermore, it outlines the principles that define each of the COSO frameworks for internal control and enterprise resource management components and elaborates on their impact on the COSO framework objectives. The authors also shed light on the paramount concerns of an auditor during an IT audit. In conclusion, the article provides several recommendations for integrating COSO framework compliance into an organization's information technology plan. This articles a valuable resource for auditors, administrators, and management seeking to develop an IT strategy that aligns with their business strategy and safeguards their information systems and data.

Moamen A. Shazly Shazly,dr Khaled Mohamed Abdelalim,dr Hesham Zakaria Mohamed

DOI: https://doi.org/10.21608/masf.2023.325373

2023-09-01

المجلة العلمیة للدراسات والبحوث المالیة والإداریة‎

Abstract:This research suggests that one way to combat these potential threats is by implementing a strong Cyber-Security. The AICPA issued a new framework for Cyber-Security risk management to help businesses deal with the growing challenges caused by Cyber-Threats /incidents. One result of this new framework is the surfacing of a new type of management called Enterprise risk management (ERM), which took a responsibility upon itself to be the ones watching over the constant growth caused by corporate uncertainty and financial scandals, while also keeping levels of these factors in check. Additionally, the (ERM) is implemented to improve audit quality by acting as a process that is applied in strategy settings across the organization and is affected by that

Business,Computer Science

Sampson Anomah,Boadu Ayeboafo,Maurice Aduamoah

DOI: https://doi.org/10.1080/07366981.2021.1930643

2021-08-03

EDPACS

Abstract:Strategy has become indispensable for survival in a contemporary business environment. The role of IT audit or assurance review is now viewed from two perspectives – first, as an independent assessor and, second, as a consulting expert advisor. IT auditors are, therefore, expected to plan their reviews such that their scarce IT audit resources will be put to efficient use and at the same time effectively provide advisory opinions on IT governance and strategies to leverage business executives' function towards the achievement of their specified business objectives. The study used the design science approach using the audit risk model as a conceptual model to develop an objective approach to identify the quality of risk inherent in a digital transformation (dx) project. A major design output was that an Audit Risk model for IT (IAR) in the context of digital transformation is calculated as IAR = PR × SR × RR, where was PR is Primary Risk, SR is Secondary Risk and RR is Residual Risk. Also, Return on IT investment (ROI) has an inverse correlation with PR and was relevant in estimating the PR given IAR as equivalent to ROI. A mixture of a multiple case study approach, quasi experimentation and the Delphi method was used to evaluate the model. The Delphi approach used produced an overall significant value in evaluators' understanding of the usefulness, ease of use and acceptability of the model as an IS/IT audit risk model for the assessment of digital risks and strategies of different organisations. The ICC which was used to measure the Intra-Class Correlation (ICC) which is the reliability of agreement among the participating evaluators showed an average ICC of 0.90 with a significant p-value of 0.000 to prove the validity of the model. The study contributes to practice because it provides a tool to assist IT audit practitioners and other business IT assessors to reduce the risk of subjectivity in the allocation of IT audit resources at the planning stage of the audit or assessment.

Hemalata A. Gosavi,Manish R. Umale

DOI: https://doi.org/10.14445/22315381/IJETT-V11P235

2014-05-24

Abstract:Cloud computing has been envisioned as the next generation architecture of IT Enterprise. Using Cloud Storage,users can remotely store their data and enjoy the on demand high quality applications and services from a shared pool of configurable computing resources, without the burden local copy data storage and maintenance. It moves the application of software data stored to the centralized large data centers, where the management of the data stored services may not be completely trusted. There are many new security challenges and the problems taken into account for ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA) to perform verifies the integrity of the dynamic data stored in the cloud.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Suresh Sood,Angela Kim

DOI: https://doi.org/10.18775/ijied.1849-7551-7020.2015.92.2001

2023-06-01

International Journal of Innovation and Economic Development

Abstract:Since the audit of the Parthenon in the 5th century, the audit has remained unchanged, focusing backward on financial statements. Global regulatory pressures are mounting for audit professionals and public accounting firms to make structural changes. In the 21st century, a new type of audit, the EPSAC value audit, is emerging, focusing on non-financial information, including operational data from company business functions and processes, and big external data, including social media. In addition, EPSAC focuses on the critical engagement areas of e-commerce, post-quantum cryptography, psychosocial hazards, artificial intelligence and machine learning, and tackling deepfakes. While a talent shortage of subject matter experts exists, auditors can use artificial intelligence knowledge bases to deliver the value audit. Such knowledge bases extend to the key EPSAC domains of cybersecurity and ESG, creating proxies for virtual team members. For example, industry 5.0, combining A.I. and IoT innovations, requires auditors to augment their skill sets with knowledge bases beyond traditional financial expertise to effectively navigate the complexities of the changing business environment, enhance the quality of audits, and provide valuable insights and assurance to stakeholders.

English Else

М.Е. Косов

DOI: https://doi.org/10.53039/2079-4401.2021.8.6.013

2021-12-08

Modern Science

Abstract:Внедрение новых информационных технологий оказало влияние на развитие новых сфер бизнеса, в частности электронной коммерции. В быстро меняющихся условиях внешней среды, оказывающих значительное влияние на деятельность компаний, сфера электронной коммерции подвергается большому количеству рисков, что предопределяет ее уязвимость. В данном случае система внутреннего контроля выступает одним из способов предотвращения негативных последствий при наступлении рискового события. The introduction of new information technologies has influenced the development of new areas of business, in particular e-commerce.In a rapidly changing external environment that has a significant impact on the activities of companies, the e-commerce industry is exposed to alarge number of risks, which predetermines its vulnerability. In this case, the internal control system acts as one of the ways to prevent negativeconsequences in the event of a risk event.

Pavel Castka,Cory Searcy

DOI: https://doi.org/10.1016/j.bushor.2021.11.003

Abstract:The COVID-19 pandemic has exposed the obsolescence and vulnerability of many existing auditing practices. While some progressive practices have been implemented (e.g., remote audits using rudimentary information and communication technologies), a new paradigm is needed not only to account for the risk of repeated lockdowns but also to align practices with the level of digitalization, automation, and use of artificial intelligence in the current business environment. In this article, we argue that the adoption of new technologies requires a fundamental rethinking of how auditing services are delivered. We argue that new technological possibilities have implications for five other auditing elements that enable a shift from the old to the new paradigm of auditing, namely actors, processes, spaces, training and skills development, and services. We explain how nonfinancial audits conducted under the new paradigm are key enablers of a firm's ability to participate and to thrive in a competitive international marketplace.

Arun Sukumar,Hannan Amoozad Mahdiraji,Vahid Jafari‐Sadeghi

DOI: https://doi.org/10.1111/risa.14092

2023-01-12

Risk Analysis

Abstract:The role played by information and communication technologies in today's businesses cannot be underestimated. While such technological advancements provide numerous advantages and opportunities, they are known to thread organizations with new challenges such as cyberattacks. This is particularly important for small and medium‐sized enterprises (SMEs) that are deemed to be the least mature and highly vulnerable to cybersecurity risks. Thus, this research is set to assess the cyber risks in online retailing SMEs (e‐tailing SMEs). Therefore, this article employs a sample of 124 small e‐tailers in the United Kingdom and takes advantage of a multi‐criteria decision analysis (MCDA) method. Indeed, we identified a total number of 28 identified cyber‐oriented risks in five exhaustive themes of "security," "dependency," "employee," "strategic," and "legal" risks. Subsequently, an integrated approach using step‐wise weight assessment ratio analysis (SWARA) and best–worst method (BWM) has been employed to develop a pathway of risk assessment. As such, the current study outlines a novel approach toward cybersecurity risk management for e‐tailing SMEs and discusses its effectiveness and contributions to the cyber risk management literature.

public, environmental & occupational health,mathematics, interdisciplinary applications,social sciences, mathematical methods

Oluwatosin Ilori,Nelly Tochi Nwosu,Henry Nwapali Ndidi Naiho

DOI: https://doi.org/10.51594/farj.v6i6.1213

2024-06-13

Finance & Accounting Research Journal

Abstract:In the face of increasing complexity and rapid technological advancements, traditional internal audit methods are becoming inadequate for comprehensive risk assessment and effective fraud detection. Advanced data analytics offers a transformative approach that enhances the effectiveness of internal audits. This concept paper presents a framework for integrating advanced data analytics into internal audit processes, aiming to provide more robust risk management and improved fraud detection capabilities. Integrate diverse data sources, including financial, operational, and external data, to provide a holistic view of the organization's risk landscape. Implement rigorous data governance practices to ensure data accuracy, consistency, and reliability. Use machine learning algorithms and predictive analytics to identify patterns, predict future risks, and detect anomalies. Employ real-time data analytics for continuous monitoring, enabling the timely detection and response to emerging threats. Develop adaptive risk assessment models that can evolve with changing business environments and emerging risks. Utilize data-driven insights to prioritize risks based on their potential impact and likelihood. Deploy advanced algorithms to uncover complex fraud schemes that traditional methods might miss. Conduct scenario-based analysis to identify potential fraud patterns and strengthen preventive measures. Use analytics to focus audit efforts on high-risk areas, enhancing the efficiency and effectiveness of audits. Incorporate data-driven procedures into audit execution, reducing manual efforts and increasing precision. Advanced data analytics provides deeper insights, enabling more proactive and comprehensive risk management. Real-time and predictive analytics significantly enhance the ability to detect and prevent fraud, mitigating financial and reputational damage. Data-driven audit processes streamline activities, allowing auditors to focus on high-value tasks and reducing the overall audit cycle time. Analytics provide accurate and timely insights, supporting better decision-making in risk management and fraud prevention. Secure commitment from senior management to support the integration of advanced data analytics into internal audits. Establish a governance framework to oversee the implementation and alignment with organizational objectives. Invest in advanced analytics platforms and tools that support real-time data processing and analysis. Ensure robust data security measures to protect sensitive information. Train audit professionals in data analytics techniques and tools, fostering a culture of continuous learning and innovation. Implement pilot projects to test and refine the data analytics framework, using lessons learned to scale up across the organization. Integrating advanced data analytics into internal audits offers significant benefits, including enhanced risk management, improved fraud detection, and increased audit efficiency. By adopting this conceptual framework, organizations can better protect their assets, ensure compliance, and maintain stakeholder confidence in an increasingly complex and digital business environment. The future of internal auditing is data-driven, and organizations must embrace this transformation to remain competitive and secure. Keywords: Fraud Detection, Risk Assessment, Internal Audits, Advanced Data Analytics, Conceptual Frameworks.

Junyi Chen

DOI: https://doi.org/10.55267/iadt.07.13907

2023-11-16

Abstract:The industries significantly rely on information technology for effective operations; however, there are hazards like data breaches and system breakdowns. Information system audits are essential to reducing these risks, ensuring quality control, and optimizing the system. These audits evaluate gaps in controls, non-compliance concerns, and vulnerabilities, allowing for the installation of efficient risk mitigation measures. Information system audits are essential for locating and reducing hazards related to an organization's information systems.Vulnerabilities, threats, and control flaws can be found through routine audits, which then allows for the deployment of the necessary controls and risk-reduction measures. Additionally, audits support quality assurance by assessing data reliability, accuracy, and completeness, as well as system performance, regulatory compliance, and industry best practices.The deployment of remedial steps to improve data integrity and system reliability is made possible by their assistance in assisting organizations in identifying gaps and flaws. Information system audits also aid system optimization by revealing details about the functionality and performance of the system.  An extensive evaluation of the literature and case study analysis was used to perform the research.For the analysis of this research, a sequential mixed technique (qualitative and quantitative) study was conducted. Delphi questionnaires were used twice to conduct the study. It encompasses organizations and entities involved in various aspects including but not limited to logistics companies, freight carriers, shipping and distribution firms, public transportation agencies, and supply chain service providers. Data from the semi-structured interviews for the qualitative study were collected via a Delphi survey, and 14 nodes and six themes were then generated.Audits assist organizations in identifying areas for improvement and informing decisions about system upgrades or alterations by analyzing system utilization, response times, resource allocation, and scalability. The results of this study highlight the importance of information system audits in assuring the prosperity, effectiveness, and resilience of businesses engaged in supply chain operations. Organizations can attain a greater level of enterprise risk management, quality assurance, and system optimization, which will improve supply chain operations in general, by managing risks, improving data quality, and optimizing system performance.

Gui Yumin

DOI: https://doi.org/10.1145/3436209.3436888

2020-10-09

Abstract:As a new type of transaction model in the Internet + era, e-commerce has been integrated into people's lives and plays an important role. E-commerce business transactions will inevitably be affected by payment behavior, taxation and other factors. With the rapid development of e-commerce companies, the current financial risk management model of e-commerce companies is no longer able to meet the development requirements of the company. Their financial management and financial status are facing major tests, which directly affect the normal operation of the company. It is increasingly important to strengthen the financial risk management of e-commerce companies. This article takes e-commerce companies as the research object and analyzes financial risk management on the basis of big data. It mainly explores how e-commerce companies do a good job in security management, how to establish and improve corporate financial risk management systems, and then improve corporate financial risk identification and management and control capabilities to ensure the healthy and sustainable development of the company. With the emergence of big data, e-commerce companies have risen sharply, so the competition between them has become increasingly fierce. Therefore, their own financial risks are more strictly controlled. Only by strengthening corporate financial risk management can the company be able to promote stable and long-term development. In the context of Internet+, strengthening the research on financial risk management of e-commerce companies has become a key concern of all sectors of society. This is of great significance for preventing corporate financial risks, improving financial management capabilities and comprehensive competitiveness.