TY - JOUR
T1 - A study on information systems auditing processes using AHP - An approach to audit engineering
AU - Shimada, Yuji
AU - Nakashima, Kenichi
AU - Nose, Toyokazu
PY - 2007/5/21
Y1 - 2007/5/21
N2 - The role of IS (Information Systems) auditing is becoming increasingly important because IS auditing is one of the most important components of FT governance and corporate governance. Therefore, IS auditors should be able to explain the audit process, their objectivity and conclusions of the audit. The audit process is based on risk assessment. Auditors should assess various kinds of IS risks, for instance, effectiveness risk, efficiency risk, compliance risk, legal risk, confidentiality risk, availability risk and integrity risk. Risk assessment consists of impact assessment and probability assessment. But auditors cannot make precise assessments of impact and probability, because there are no common measures for assessing the risk. In this paper, we discuss a risk assessment method that analyzes various kinds of risks using AHP (Analytic Hierarchy Process). Auditors can assess various kinds of risk using AHP, and they can explain their risk assessment results numerically. The proposed approach contributes to improving the audit process. Numerical results based on the actual data are given to show the usefulness of the methodology.
AB - The role of IS (Information Systems) auditing is becoming increasingly important because IS auditing is one of the most important components of FT governance and corporate governance. Therefore, IS auditors should be able to explain the audit process, their objectivity and conclusions of the audit. The audit process is based on risk assessment. Auditors should assess various kinds of IS risks, for instance, effectiveness risk, efficiency risk, compliance risk, legal risk, confidentiality risk, availability risk and integrity risk. Risk assessment consists of impact assessment and probability assessment. But auditors cannot make precise assessments of impact and probability, because there are no common measures for assessing the risk. In this paper, we discuss a risk assessment method that analyzes various kinds of risks using AHP (Analytic Hierarchy Process). Auditors can assess various kinds of risk using AHP, and they can explain their risk assessment results numerically. The proposed approach contributes to improving the audit process. Numerical results based on the actual data are given to show the usefulness of the methodology.
UR - http://www.scopus.com/inward/record.url?scp=34248594144&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34248594144&partnerID=8YFLogxK
M3 - Article
AN - SCOPUS:34248594144
VL - 57
SP - 511
EP - 519
JO - Journal of Japan Industrial Management Association
JF - Journal of Japan Industrial Management Association
SN - 0386-4812
IS - 6
ER -