مقاله انگلیسی رایگان در مورد عوامل مرتبط با بازرسی امنیتی / سایبری با استفاده از حسابرسی داخلی – امرالد ۲۰۱۸

مقاله انگلیسی رایگان در مورد عوامل مرتبط با بازرسی امنیتی / سایبری با استفاده از حسابرسی داخلی – امرالد ۲۰۱۸

 

مشخصات مقاله
انتشار مقاله سال ۲۰۱۸
تعداد صفحات مقاله انگلیسی ۳۴ صفحه
هزینه دانلود مقاله انگلیسی رایگان میباشد.
منتشر شده در نشریه امرالد
نوع مقاله ISI
عنوان انگلیسی مقاله Factors associated with security/cybersecurity audit by internal audit function: An international study
ترجمه عنوان مقاله عوامل مرتبط با بازرسی امنیتی / سایبری با استفاده از حسابرسی داخلی: مطالعه بین المللی
فرمت مقاله انگلیسی  PDF
رشته های مرتبط حسابداری
گرایش های مرتبط حسابرسی
مجله مجله حسابرسی مديريت – Managerial Auditing Journal
دانشگاه Louisiana Tech University – Ruston – Louisiana – USA
کلمات کلیدی حسابرسی داخلی، امنیت سایبری، حکومت هیئت مدیره
کلمات کلیدی انگلیسی Internal audit, Cybersecurity, Board governance
کد محصول E7065
وضعیت ترجمه مقاله  ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید.
دانلود رایگان مقاله دانلود رایگان مقاله انگلیسی
سفارش ترجمه این مقاله سفارش ترجمه این مقاله

 

بخشی از متن مقاله:
Introduction

Cyberattacks have been unprecedented in the recent years; of the ten top technology risks identified by the Institute of Internal Auditors (IIA), both cybersecurity and information security rank as the top two technology risk concerns facing firms (IIA, 2015a, 2015b). The Heritage Foundation (2015) reported an average of 160 successful cyberattacks per week in 2014, which was more than three times the 2010 average. The costs of cyberattacks are tremendous (Ponemon Institute, 2015), averaging $15.4 million for a company operating in the USA, This figure has more than doubled since 2010, and the number of data breaches is expected to continue to increase (DiPietro, 2013). It is estimated that cybercrime could cost businesses over $2 trillion by 2019 (Juniper Research, 2015), which is nearly four times the estimated 2015 expense. In view of these findings, we see that cybersecurity risk management is of paramount importance, and we can confidently assert as a generality that higher-quality cybersecurity is in the interests of firms everywhere. Cybersecurity research has investigated behavioral aspects of technology users (Bulgurcu et al., 2013; D’Arcy et al., 2009; Johnston and Warkentin, 2010; Siponen and Vance, 2010; Spear and Barki, 2010). Researchers have also investigated security awareness (Herath and Rao, 2009; Puhakainen and Siponen, 2010; Willison and Warkentin, 2013) and market reactions to information security initiatives (Gordon et al., 2010). The relationship between the makeup of board technology committees in the context of security breaches has been studied (Higgs et al., 2016), similar to the effects of security incidents on firms and their reputations (Campbell et al., 2003; Cavusoglu et al., 2004; Goldstein et al., 2011; Wang et al., 2013). The relationship between security programs (Cavusoglu et al., 2009; Iheagwara, 2004; Kumar et al., 2008; Straub, 1990) and the optimal investment in security (Gordon and Loeb, 2002; Wang et al., 2008) has been studied as well. Less research has focused on information security governance (Dhillon et al., 2007; Hong et al., 2003; Mishar and Dhillon, 2006; Steinbart et al., 2016) and the important relationship between information security management and the internal audit function (IAF) (Steinbart et al., 2014a; 2014b; 2013; 2012).

Importance of security/cybersecurity audit

Even though the security risks to organizations have steadily increased, less empirical research has investigated various types of information systems (IS) security, in particular the nature and scope of system security implementations (Dhillon et al., 2007). There is also a limited understanding of how organizations manage the various IS security dimensions and the potential problems involved in doing so (Dhillon and Backhouse, 2001). Security/cybersecurity audit is a new dimension of security practice intended to support the protection of critical information assets of the firm. An auditing process will seek to obtain evidence of organizational information security policies and their efficacy for the protection of asset integrity, data confidentiality, and data access and availability (Pereira and Santos, 2010). Essentially, the audit serves to assess the effectiveness of an organization’s ability to protect its valued or critical assets (Onwubiko, 2009). Managing IS security is increasingly important for companies due to the growing dependence of the firm on technology for conducting business, creating competitive advantage and achieving a higher ROI (Pereira and Santos, 2010).

ثبت دیدگاه