A study on information systems auditing processes using AHP - An approach to audit engineering

Yuji Shimada*, Kenichi Nakashima, Toyokazu Nose

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


The role of IS (Information Systems) auditing is becoming increasingly important because IS auditing is one of the most important components of FT governance and corporate governance. Therefore, IS auditors should be able to explain the audit process, their objectivity and conclusions of the audit. The audit process is based on risk assessment. Auditors should assess various kinds of IS risks, for instance, effectiveness risk, efficiency risk, compliance risk, legal risk, confidentiality risk, availability risk and integrity risk. Risk assessment consists of impact assessment and probability assessment. But auditors cannot make precise assessments of impact and probability, because there are no common measures for assessing the risk. In this paper, we discuss a risk assessment method that analyzes various kinds of risks using AHP (Analytic Hierarchy Process). Auditors can assess various kinds of risk using AHP, and they can explain their risk assessment results numerically. The proposed approach contributes to improving the audit process. Numerical results based on the actual data are given to show the usefulness of the methodology.

Original languageEnglish
Pages (from-to)511-519
Number of pages9
JournalJournal of Japan Industrial Management Association
Issue number6
Publication statusPublished - 2007 May 21
Externally publishedYes

ASJC Scopus subject areas

  • Strategy and Management
  • Management Science and Operations Research
  • Industrial and Manufacturing Engineering
  • Applied Mathematics


Dive into the research topics of 'A study on information systems auditing processes using AHP - An approach to audit engineering'. Together they form a unique fingerprint.

Cite this