What is it about?
Traditionally there is a conflict between an auditor and the audited. This study shows what issues can improve this relationship in the audit of information security processes.
Featured Image
Why is it important?
Information security is an increasingly important issue for firms. The problem is how to improve a firms information security practices. This improvement requires two processes: creating the information security practices and review of these practices. This study looks at how a synergy between these two groups can improve outcomes.
Perspectives
Internal audit can and should play a role in improving outcomes in a firm. Traditionally they have reviewed areas in which they have a level of comfort. This study demonstrates a need to become knowledgeable in information security.
Dr GRAHAM Gal
University of Massachusetts Amherst
Read the Original
This page is a summary of: The influence of a good relationship between the internal audit and information security functions on information security outcomes, Accounting Organizations and Society, November 2018, Elsevier,
DOI: 10.1016/j.aos.2018.04.005.
You can read the full text:
Contributors
The following have contributed to this page
