THE EFFECT OF GENERAL CONTROLS OF INFORMATION SYSTEM AUDITING … · controls of information...

ijcrb.webs.com

INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS

COPY RIGHT © 2013 Institute of Interdisciplinary Business Research

356

JULY 2013

VOL 5, NO 3

THE EFFECT OF GENERAL CONTROLS OF INFORMATION

SYSTEM AUDITING IN THE PERFORMANCE OF INFORMATION

SYSTEMS :FIELD STUDY

Mansour Naser ALraja Assistant Professor of Management Information Systems, Jerash University-Jordan

post code 26150 JORDAN

Nayef Rage ALomiam

Assistant Professor of public Administration, Jerash University-Jordan

Abstract This study aimed to determine the role played by the general controls of information systems auditing in

improving the performance of information systems in banks listed in the Amman Stock Exchange. To achieve

the objectives and testing of hypotheses a questionnaire was developed especially for the

collection of data from a study sample, which consisting of (64) employees at banks listed in

Amman Stock Exchang , the number of questionnaires analyzed are (52), representing (81.25 %) of

the questionnaires distributed. By using appropriate statistical tests, results of the study

showed that banks listed in Amman Stock Exchang apply General controls of information systems

auditing in general, also it found that there is a significant relationship between general

controls of information systems auditing and information systems performance, and general

controls of information systems auditing has a significant impact on information systems

performance.

Keywords: General controls, Information systems, Auditing, performance, Bank, Amman Stock

Exchange.

1. Introduction The need to provide strategic information for all concerned levels, is one of the challenges faced by most

companies in the digital economy, which is witnessing a revolution of the developments and changes at different

levels of economic and social in general and technological especially, information is the core of the

administrative leader work in the business. When the need for efficiently and effectively information increase,

that raise the required for controls and standards include a methodology of systems development review, and

review of the used systems documentation, and also to confirm the effectiveness of legal controls which used at

bank. All this is done by the process of systems auditing, by reviewing all stages of developing the systems and

confirm appropriate controls, and identification and application it, as a result that reducing the economic cost of

the systems and improve the quality of information provided by the systems and thus increase the system's ability

to adapt to the latest changes, leading to achievement of objectives, so this study came to focus on this vital

subject and important in one of the important sectors in Jordan, which is facing increasing competition, it is the

private banking sector.

2. Study objectives This study aimed to determine the role played by the general controls of information systems

auditing in improving the performance of information systems in banks listed in the Amman

Stock Exchange. We can subdivide this main goal into following goals:

- Determine the role of general controls of information systems auditing in improving the

quality of information provided by the systems

- Determine the role of general controls of information systems auditing in increase the

contribution of information systems to achieve the objectives of the bank.

- Determine the role of general controls of information systems auditing in facilitate the

adaptation of systems with the latest changes.

- Determine the role of general controls of information systems auditing in reducing the

economic cost of the systems.

ijcrb.webs.com



357

JULY 2013

VOL 5, NO 3

3. Literature Review

3.1. General Controls of Information System Auditing As soon as data and management procedures are handled by automated systems, Information

Systems Auditing comes into place. This includes new methodologies and control techniques,

pertinent to an automated environment. Information System Auditing requires an opinion

about the Information Systems and data that they process. The data must be accurate,

complete and authorized. Errors must be properly detected and corrected in time and there

must be planned and accurate procedures to guarantee the continuation of operations(Piattini,

2000). Ron Weber has defined IS audit as "the process of collecting and evaluating evidence

to determine whether a computer system (information system) safeguards assets, maintains

data integrity, achieves organizational goals effectively and consumes resources efficiently."

(Sayana, 2002).

Information System Auditing Objectives: The general Information System Auditing

Objectives are as Follows (Piattini, 2000):

• Validation of the organizational aspects and administration of the Information Service

function.

• Validation of the controls of the system development life cycle.

• Validation of access controls to installations, terminals, libraries, etc.

• Automation of Internal Auditing activities.

• Internal Training.

• Training members of the Information Service Function Department

• Collaboration with External Auditors

Controls: consist of all the methods, policies, and organizational procedures that ensure the

safety of the organization's assets, the accuracy and reliability of its accounting records, and

operational adherence to management standards.

Control Objectives: In general, the major control objectives are considered to be as follows

(Piattini, 2000):

• Safeguarding of assets

• Guarantee data accuracy, reliability and authorization

• Operation efficiency

• Compliance with organizational policies and procedures

Types of IS audit(Auditor General’s, 2006):

- Audit of IS general controls.

- Audit of application controls.

- Audit of IS development controls.

- IS performance audit.

3.2. performance of information systems Information systems “is a group of components that interact to produce information”

(Kroenke,4,2007), also, “an information systems collects, processes, stores, analyzes, and

disseminates information for a specific purpose. While Computer-based information system is

an information system that uses computer technology to perform some or all of its intended

tasks”(Turban and others, 2006), information systems exist help business achieve their goals

and objectives, as we know business themselves do not do anything and it cannot act. It is the

people within a business who sell, buy, design, produce, finance, market, account, and

manage. So information systems exist to help people who work in a business to achieve the

goals and objectives of that business(Kroenke, 2007). The basic components of information

system are: hardware, software, database, networks, procedures, and people(Turban and

others, 2006).

ijcrb.webs.com



358

JULY 2013

VOL 5, NO 3

A number of important forces affect the pace and effectiveness of progress in using

information systems and in delivering business benefits. The relative weighting of each factor

varies over time, and will also vary from one organization to another. These factors

include(Ward and Peppard, 2002): 1. the capabilities of the technology;

2. the economics of deploying the technology;

3. the applications that are feasible;

4. the skills and abilities available, either in-house or from external sources, to develop

the applications;

5. the skills and abilities within the organization to use the applications;

6. the pressures on the particular organization or its industry to improve performance. The top ten dimensions of Information Systems performance (Chang, 2001):

1. Information Systems impact on strategic direction;

2. Integration of Information Systems planning with corporate planning;

3. Quality of information outputs;

4. Information Systems contribution to organizational financial performance;

5. Information Systems function operational efficiency;

6. User/management attitudes about Information Systems function;

7. Information Systems staff competence;

8. Integration with related technologies across other organizational units;

9. Adequacy of system development practice; and

10. Ability of Information Systems function to identify and assimilate new technologies

3.3. Related Works (Allinson, 2001) in this study Information on principles, techniques and processes used, and

the reason for the recording, storing and releasing of audit information for evidentiary

purposes have been studied. It is shown that most organizations studied generate and retain

audit trails but the approach is not consistent nor is it comprehensive. It is suggested that these

materials would not withstand a serious legal challenge. (Buchanan & Gibb, 2007) This

study discusses three challenges to current practice: limited guidance on management of

scope; ambiguous linkage to related ICT development processes; and the lack of a standard

methodological approach. In response to these challenges, the role and scope of the IA is re-

examined, key relationships to information strategy and information system architecture (ISA)

are defined and mapped, and a two-dimensional matrix is proposed to manage scope.

(Buchanan & Gibb, 2008) they consider the comprehensiveness, applicability, and usability

of four commonly cited information audit methodologies. Comprehensiveness considers the

conceptual, logical, and structural completeness of each methodological approach.

Applicability considers the scope of each approach, and the ability to tailor the approach to

individual organizational requirements. Usability considers the perceived ease with which

each approach can be adopted and applied. A methodological baseline has also been

established, which provides a reusable framework to guide future methodology selection, and

for developing an individual or tailored approach to the information audit. Also (Buchanan &

Gibb, 2008) in the next study they present and discuss five information audit (IA) case

studies, which tested the application and usability of an IA methodology. The studies also

trailed an IA scope matrix and incorporated process modeling. The main strengths of the IA

methodology were found to be the logical structuring of stages, provision of a comprehensive

toolkit, and the flexibility to remove stages not relevant to the client brief. A limitation of the

methodology was found to be its lack of instructional depth. The IA scope matrix was

ijcrb.webs.com



359

JULY 2013

VOL 5, NO 3

successfully trailed, and process modelling proved extremely valuable, encouraging

participant involvement by focusing on readily understandable aspects of day-to-day work,

and providing an organizational model of information flow. (Philee, 2009) Hamed and Hoda

Philee considered that the information technology and business internal controls as a major

factor for business security, they found the IT usage need to strong internal controls .

4. Study Questions We can summarize the main problem of the study by asking: what is the impact of general

controls of information systems auditing in the performance of information systems in banks

listed in the Amman Securities Exchangee? We can subdivide this main question into

following questions:

- what is the impact of general controls of information systems auditing in improving the

quality of information provided by the systems?

- what is the impact of general controls of information systems auditing in increase the

contribution of information systems to achieve the objectives of the bank?

- what is the impact of general controls of information systems auditing in facilitate the

adaptation of systems with the latest changes?

- what is the impact of general controls of information systems auditing in reducing the

economic cost of the systems?

5. Hypothesis and Study Model To answer the study questions, the research depend on the following main hypothesis: There

is a significant effect of general controls of information systems auditing on the performance

of information systems in banks listed in the Amman Securities Exchange? And subdivided

by the following assumptions:

- There is a significant effect of general controls of information systems auditing on

improving the quality of information provided by the systems?

- There is a significant effect of general controls of information systems auditing on increase

the contribution of information systems to achieve the objectives of the bank?

- There is a significant effect of general controls of information systems auditing on facilitate

the adaptation of systems with the latest changes?

- There is a significant effect of general controls of information systems auditing on economic

cost of the systems?

General Controls of Information Information Systems Performance

systems Auditing

Information systems

Strategy.

Documentation

Legal Controls to

protect Information

Systems

Quality of information

Information system

contribution

The system's ability to adapt

to the new changes

Economic cost of the system

ijcrb.webs.com



360

JULY 2013

VOL 5, NO 3

6. Methodology

6.1. Population and Sample The target population for this study comprised all the Banks listed in Amman Securities Exchange. A sample of

(8) banks were chosen randomly from the targeted population, 58 questionnaires were distributed, the response

rate was about 81.25 % (52 usable responses).

6.2. Data Collection Secondary data was collected based on the findings of published papers, articles, books, prior studies, and the

World Wide Web. The primary data collection was carried out using a self-designed questionnaire, this

adopted instrument comprises three sections, the first section covers the demographic information (Gender, Age,

Period of working at bank, Education ), the second section contains (18) items measuring Information systems

performance, the third section measures general controls of Information systems auditing through (21) items

also, Five Likert-type scales were used to score the responses.

6.3. Instrument Reliability The reliability of data collected instrument was measured using Cronbach's alpha coefficient;

the reliability test was conducted to check for inter-item correlation in each of the variables in

the questionnaire. The closer Cronbach's alpha is to one, the higher the internal consistency

reliability (Sekaran, 2003). The test results are as follows: Cronbach alpha for Independent

Variable = 0.785, Cronbach alpha for dependent Variable = 0.899, Cronbach alpha for over all

instruments = 0.912 which approached to the acceptable limit.

6.4. Data Analysis Methods Statistical Package for Social Sciences (SPSS) was used to analyze the data. Descriptive

techniques such as; frequencies, percentages, means, standard deviation (Std.) and coefficient

of variation were used to describe the variables. Spearman correlation and multiple regression

analysis were used to test hypothesis of the study.

7. Statistics Analysis and Hypothesis Testing

7.1. Analysis of Personal and Functional Characteristics We used several questions to find out the distribution of the study sample, according to

personal and functional characteristics, such as gender, age, Period of working at bank, and

Education. Table (1) shows these properties. Table (1) Personal and Functional Characteristics (N=52)

Variable Frequency Percent

GENDER male 28 53.8

female 24 46.2

AGE

less than 30 years 20 38.5

31 - 40 19 36.5

41 - 50 8 15.4

51 and more 5 9.6

EDUCATION

pre bachelor 5 9.6

bachelor 39 69.2

MBA & PhD 11 21.2

Period of working at

bank

5 years and less 21 40.4

from 6 to 10 18 34.6

from 11 to 15 10 19.2

16 and more 3 5.8

ijcrb.webs.com



361

JULY 2013

VOL 5, NO 3

7.2. Study variables Description To determine the availability of the study variables, we divided the main independent variable into three major

dimensions, and the dependent variable into four major dimensions, each dimension was measured with a set of

indicators shown in the table(2).

Table (1) variables Description Characteristics (N=52)

Std. Mean Questions No.

1.27911 3.8269 There is a clear definition of the vision and mission of information systems. 1

1.10258 4.0000 There is a clear methodology for strategic planning for information systems linked to the

overall strategy of the bank. 2

1.16040 4.2885 Strategic plan identifies key priorities for information systems, and resources that

systems need. 3

1.02826 3.9615 Information systems unit is involved in building and implement the overall strategy of

the bank. 4

.81175 4.0192 (x1) information systems Strategy.

.91638 3.9423 The bank Documents all procedures used in data collection. 5

.99528 4.0962 The Bank has a mechanism to make sure that the data collected, is in conformity with the

procedures adopted by the bank. 6

.94972 4.0000 The Bank has written standards describe where and when the operating procedures

perform. 7

1.16170 3.9423 The performance of information systems performance is Measured by documented

standards. 8

1.17734 3.5769 There is a standard format for recording data. 9

1.08535 3.8077 All models adopted by the bank, dated. 10

1.14338 3.7115 The name of person or entity which collect the data is specified on these forms. 11

1.06359 3.9231 The auditing of the data recorded, done by another specialist. 12

1.16946 3.7500 The bank relies specific actions are periodically carried out to ensure the accuracy of the information system.

13

.67492 3.8611 (x2) Documentation.

1.32088 4.0192 The Bank uses passwords and smart cards to verify the identity of persons and data

sources. 14

1.17349 3.7308 To protect data against illegal use, the bank determine the responsibilities of access to

data and to deal with it. 15

1.18865 3.8654 protection procedures Increase whenever the importance of data Increase. 16

1.07400 3.9423 The bank use the data encryption technology to protect it from change and replacement. 17

1.16575 3.8846 To protect the data, bank uses a system to registration the date and time of the codes, turn

it off, suspended, restarted, and cancellation. 18

1.21826 3.9231 There is deterrent procedures against those who display the system and information to

penetrate and danger. 19

1.15209 4.0769 Bank relies protection standards comparable to international used standards. 20

.92803 3.9615 The bank regulations require that the users of information systems must be expertise and

competence. 21

.82034 3.9255 (x3) Legal Controls to protect Information Systems

.48723 3.9158 (X) General Controls of Information Systems Auditing

1.33409 4.1538 The information which provided by the systems is Features with modernity. 22

1.07400 3.9423 The information is provided at the right time. 23

1.04787 4.0000 The provided information is featured with the sincerity and consistency. 24

.95762 4.1538 The provided information is featured with the accurate, realistic and concise.. 25

1.25290 3.8654 The provided information is featured with the flexibility. 26

1.05701 3.9808 Information is provided according to the requirements of beneficiary using multiple

methods. 27

ijcrb.webs.com



362

JULY 2013

VOL 5, NO 3

.79367 4.0160 (y1) Quality of information provided by systems

1.17091 3.9615 The current Information systems is correspond with requirements of decisions relating to

the achievement of the objectives of the Bank in general. 28

1.13094 3.7692 Information systems which used in the bank, guarantee provide service to all units and

departments in the bank. 29

1.06571 4.0385 There is an integration and mutual coordination between the different departments in the

Bank, to use information from the placed plans, correspondence with the unity and

stability of the objectives to be achieved. 30

1.41208 3.9231 Information systems which used at the bank, helps to quickly provide information in

response to customer requirements. 31

1.15258 3.7500 Information systems which used at the bank, enables to complete doing daily works

immediately on-line. 32

.83117 3.8885 (y2)Information system contribution to achieving the objectives of the bank

1.19245 3.9038 Information systems which used at the bank is featured with highly efficient of storage,

classification, retrieval, and update data and information that I need in my work. 33

1.18818 4.0000 Information provided by the information systems which used at the bank meet the needs

of decision makers at all administrative levels. 34

.98000 4.0192 Information systems which used at the bank is featured with ability to provide the

information in spite of the size growing and diversity of operations. 35

1.09072 3.7885 The information has the required of accuracy and reliability in spite of the size growing

of operations. 36

.76750 3.9279 (y3) The system's ability to adapt to the new changes

1.17718 3.7885 Information provided by the current Information Systems provides useful return justify

their cost. 37

1.17220 3.8077 Usually I get better results for my decisions when I depend on information provided by

the system. 38

1.22628 3.5769 Information systems helps to strengthen the financial position of the bank by reducing

costs and increasing sales. 39

.93287 3.7244 (y4) Economic cost of the system

.70112 3.9124 (Y) Information Systems Performance

7.2.1. General Controls of Information System Auditing As it clear from the table (2) the total mean is (3.9158), and the answers of the study sample on these

dimensions were close, the standard deviation indicates that, which was (.48723), which reflects the perception

of respondents to the importance of General Controls of Information System Auditing, this importance was

according to the views of sample members, arranged as follows: information systems Strategy with mean

(4.0192) and a standard deviation (.81175), second place Legal Controls to protect Information Systems with

mean (3.9255) and a standard deviation (.82034), and came Documentation in third place with mean (3.8611)

and a standard deviation (.67492)

7.2.2. performance of information systems Also from the table (2) we can see the total mean of information systems performance is (3.9124), and the

answers of the study sample on these dimensions were very close, the standard deviation indicates that, which

was (.70112), the arrangement of these dimensions according to the sample members opinion, as follows:

Quality of information provided by systems with mean (4.0160) and a standard deviation (.79367), second place

The system's ability to adapt to the new changes with mean (3.9279) and a standard deviation (.76750) , third

place Information system contribution to achieving the objectives of the bank with mean (3.8885) and a standard

deviation (.83117), and Economic cost of the system came in fourth place with mean (3.7244) and a standard

deviation (.93287).

ijcrb.webs.com



363

JULY 2013

VOL 5, NO 3

7.3. Hypothesis Testing We used Pearson's test to identify if there is relationship between General Controls of

Information System Auditing and performance of information systems, As it seen in Table

(3), the output indicates that there is a positive significant correlation at (P≤0.01) between

General Controls of Information System Auditing and information systems performance,

which implies that the Banks which listed in Amman Securities Exchange focus on

information systems audit to improve the systems performance but they must give more

important to the information systems auditing in the future (r = 0.725), also we can note that

there is no relationship Legal Controls to protect Information Systems and performance of

information systems and sometimes sounds negative .

Table (3) Correlations (N=52)

X x1 x2 x3

Y Pearson Correlation .725** .803** .861** -.063

Sig. (2-tailed) .000 .000 .000 .656

N 52 52 52 52

y1 Pearson Correlation .647** .793** .749** -.077

Sig. (2-tailed) .000 .000 .000 .590

N 52 52 52 52


Sig. (2-tailed) .000 .000 .000 .590

N 52 52 52 52


Sig. (2-tailed) .001 .001 .000 .418

N 52 52 52 52

y4 Pearson Correlation .672** .637** .700** .085

Sig. (2-tailed) .000 .000 .000 .550

N 52 52 52 52

** Correlation is significant at the 0.01 level (2-tailed).

* Correlation is significant at the 0.05 level (2-tailed).

ijcrb.webs.com



364

JULY 2013

VOL 5, NO 3

Multiple regression analysis was conducted to test the hypotheses. Multiple regression

identifies how much of the variance in the dependent variable will be explained when a set of

variables is able to predict a particular outcome. Using multiple regression analysis is subject

to normality of the data.

Hypothesis 1: Table (4) Model Summary

Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .840a .705 .687 .44419

a. Predictors: (Constant), x3, x1, x2

Table (5) ANOVAb

Model Sum of Squares df Mean Square F Sig.

1 Regression 22.655 3 7.552 38.274 .000a

Residual 9.471 48 .197

Total 32.126 51


b. Dependent Variable: y1

Table (6) Coefficientsa

Model

Unstandardized Coefficients

Standardized

Coefficients

B Std. Error Beta t Sig.

1 (Constant) .148 .505 .293 .771

x1 .516 .106 .528 4.854 .000

x2 .451 .129 .384 3.510 .001

x3 .013 .076 .013 .168 .867

a. Dependent Variable: y1

adopt to the results of regression analysis, the General Controls of Information Systems Auditing (especially (x1)

information systems Strategy and (x2) Documentation) as it seen in table (6) affect directly in order (β =

0.528, 0.384, P0.01) on Information Quality, as it shown from table (4) (R2 = 0. 705) This means that General

Controls of Information Systems Auditing have been interpreted (70.5%) of the variance in Information Quality

that provided by Information systems, and also we noted from table (5) that the value of the statistical test (F =

38.274) is statistically significant at (P 0.01). this analysis lead us to accept the first hypothesis which said:

“There is a significant effect at level (P 0.01) of general controls of information systems auditing on

improving the quality of information provided by the systems”.

ijcrb.webs.com



365

JULY 2013

VOL 5, NO 3

Hypothesis 2:

Table (7) Model Summary

Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .861a .741 .725 .43608


Table (8) ANOVAb


1 Regression 26.105 3 8.702 45.759 .000a

Residual 9.128 48 .190

Total 35.233 51




Model


Standardized

Coefficients


1 (Constant) -.381 .496 -.767 .447

x1 .428 .104 .418 4.100 .000

x2 .638 .126 .518 5.059 .000

x3 .021 .075 .021 .282 .779



Documentation and (x1) information systems Strategy) as it seen in table (9) affect directly in order (β =

0.518, 0.418, P0.01) on information systems contribution to achieve the bank goals, as it shown from table (7)

(R2 = 0.741) This means that General Controls of Information Systems Auditing have been interpreted (74.1%)

of the variance in information systems contribution to achieve the bank goals, and also we noted from table (8)

that the value of the statistical test (F = 45.759) is statistically significant at (P 0.01). this analysis lead us to

accept the second hypothesis which said: “There is a significant effect at level (P 0.01) of general controls of

information systems auditing on increase the contribution of information systems to achieve the objectives of the

bank”.

ijcrb.webs.com



366

JULY 2013

VOL 5, NO 3

Hypothesis 3:


Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .648a .420 .384 .60246


Table (11) ANOVAb


1 Regression 12.620 3 4.207 11.590 .000a

Residual 17.422 48 .363

Total 30.042 51




Model


Standardized

Coefficients


1 (Constant) 1.258 .685 1.835 .073

x1 -.022 .144 -.023 -.149 .882

x2 .749 .174 .658 4.294 .000

x3 -.034 .104 -.036 -.329 .744



Documentation) as it seen in table (12) affect directly (β = 0.658, P0.01) on the system ability to convoy rapid

changes, as it shown from table (10) (R2 = 0.420) This means that General Controls of Information Systems

Auditing have been interpreted (42%) of the variance in the system ability to convoy rapid changes, as it shown

from table, and also we noted from table (11) that the value of the statistical test (F = 11.590) is statistically

significant at (P 0.01). this analysis lead us to accept the third hypothesis which said: “There is a significant

effect at level (P 0.01) of general controls of information systems auditing on facilitate the adaptation of

systems with the latest changes”.

ijcrb.webs.com



367

JULY 2013

VOL 5, NO 3

Hypothesis 4:


Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .751a .564 .536 .63513


Table (14) ANOVAb


1 Regression 25.020 3 8.340 20.675 .000a

Residual 19.363 48 .403

Total 44.382 51




Model


Standardized

Coefficients


1 (Constant) -1.158 .723 -1.603 .116

x1 .334 .152 .291 2.195 .033

x2 .718 .184 .520 3.909 .000

x3 .195 .109 .172 1.788 .080


depending on the results of regression analysis, the General Controls of Information Systems Auditing

(especially (x2) Documentation) as it seen in table (15) affect directly (β = 0.261, P0.01) on economic cost of

systems, as it shown from table (13) (R2 = 0. 564) This means that General Controls of Information Systems

Auditing have been interpreted (56.4%) of the variance in the economic cost of systems, and also we noted from

table (14) that the value of the statistical test (F = 20.675) is statistically significant at (P 0.01). this analysis

lead us to accept the fourth hypothesis which said: “There is a significant effect at level (P 0.01) of general

controls of information systems auditing on economic cost of the systems”.

ijcrb.webs.com



368

JULY 2013

VOL 5, NO 3

Main Hypothesis: Table (16) Model Summary

Model R R Square

Adjusted R

Square

Std. Error of the

Estimate

1 .908a .824 .813 .30349


Table (17) ANOVAb


1 Regression 20.649 3 6.883 74.727 .000a

Residual 4.421 48 .092

Total 25.070 51


b. Dependent Variable: Y


Model


Standardized

Coefficients


1 (Constant) .030 .345 .087 .931

x1 .342 .073 .396 4.704 .000

x2 .614 .088 .591 6.989 .000

x3 .035 .052 .041 .673 .504

a. Dependent Variable: Y

As it clear from the results of regression analysis, the General Controls of Information Systems Auditing

(especially (x2) Documentation and (x1) information systems Strategy) as it seen in table (18) affect directly

in order (β = 0.591, 0.396, P0.01) on Information systems Performance (quality of information provided

by systems, information system contribution to achieving the objectives of the bank, the system's ability to

adapt to the new changes, economic cost of the system), as it shown from table (16) (R2 = 0.824) This

means that General Controls of Information Systems Auditing have been interpreted (82.4%) of the variance in

Information systems Performance, and also we noted from table (17) that the value of the statistical test (F =

74.727) is statistically significant at (P 0.01). this analysis lead us to accept the main hypothesis which said:

“There is a significant effect at level (P 0.01) of general controls of information systems auditing on the

performance of information systems in banks listed in the Amman Securities Exchange”.

ijcrb.webs.com



369

JULY 2013

VOL 5, NO 3

8. Conclusions After analyzing the data and testing the hypotheses, the following major conclusions were

reached: 1. General controls of information systems auditing dimensions (Information Systems Strategy,

Documentation, and Legal Controls) are provided in high percentages with a mean

(4.0192, 3.8611, 3.9255) compared with the expected mean which is (3).T

2. here is significant statistical relationship between general controls of information systems

auditing and information systems performance at the confidence level (P≤0.01).

3. The study revealed that general controls of information systems auditing have a significant

statistical impact on information systems performance and explains (82.4%) of the

variation in information systems performance

9. Recommendations According to the findings of this study we can give some suggestions, might be they can help

managers in the banks that listed at Amman Securities Exchange if they use them effectively.

1. Banks that listed at Amman Securities Exchange highly encouraged to illustrate the strong

relationship between general controls of information systems auditing and information

systems performance especially Legal Controls to protect Information Systems.

2. Banks that listed at Amman Securities Exchange highly encouraged to develop a clear

strategy allow them to increase the role of general controls of information systems

auditing in improvement Economic cost of the system, and Information system

contribution to achieving the objectives of the bank.

3. reinforcement the role of general controls of information systems auditing in raising

Quality of information provided by systems, andThe system's ability to adapt to the new

changes

ijcrb.webs.com



370

JULY 2013

VOL 5, NO 3

References

1. Steven Buchanan, Forbes Gibb, The information audit: Theory versus practice,

International Journal of Information Management 28 (2008) 150–160.

2. Steven Buchanan, Forbes Gibb, The information audit: Methodology selection,

International Journal of Information Management 28 (2008) 3-11.

3. Steven Buchanan, Forbes Gibb, The information audit: Role and scope, International

Journal of Information Management 27 (2007) 159–172.

4. Caroline Allinson, Information Systems Audit Trails in Legal Proceedings as

Evidence, Computers & Security Vol.20, No.5, pp.409-421, 2001.

5. Hamed and Hoda Philee, Information Technology and Internal Controls, February 6,

2009, http://ssrn.com/. 6. Western Australian Auditor General’s Report, Information Systems Audit Report,

Report 2– April 2009.

7. The Auditor General’s, Methodological Recommendations for Information Systems

Audit, Order No. V-65 of 27 April 2006.

8. Mario Piattini, Auditing information systems , Chapter I, Basic Concepts of

Information System Auditing, Rafael Rodríguez de Cora, 2000, IDEA Group

Publishing.

9. Anantha Sayana, The Information System Audit Process, Information Systems

Control Journal, Volume 1, 2002. 10. IS AUDITING PROCEDURE EVALUATION OF MANAGEMENT CONTROLS

OVER ENCRYPTION METHODOLOGIES DOCUMENT P9, 2009 ISACA.

11. IS AUDITING PROCEDURE IRREGULARITIES AND ILLEGAL ACTS

DOCUMENT P7, 2009 ISACA.

12. IS AUDITING GUIDELINE, G6 MATERIALITY CONCEPTS FOR AUDITING

INFORMATION SYSTEMS, 2009 ISACA.

13. IS AUDITING GUIDELINE FOLLOW-UP ACTIVITIES DOCUMENT G35 , 2009

ISACA.

14. IS AUDITING GUIDELINE, G8 AUDIT DOCUMENTATION, 2009 ISACA.

15. IS AUDITING GUIDELINE, G39 IT ORGANISATION, 2009 ISACA.

16. IS AUDITING PROCEDURE, P1 IS RISK ASSESSMENT MEASUREMENT, 2009

ISACA.

17. Ward, John and Peppard, Joe (2002) Strategic Planning for Information Systems,

Third Edition, John Wiley & Sons Ltd, England

18. Kroenke, David M. (2007), Using MIS, Pearson Education, Inc, New Jersey.

19. Turban, Efraim and leidner, Dorothy and Mclean, Ephraim and Wetherbe, James with

contribution by: Chung, Christy and Tse, Daniel and Lew, Maggie (2006),

Information Technology for management transforming organizations in the

digital economy, 5th

Edition, John Wiley & sons, Inc.

20. Chang, Cha-Jan Jerry(2001), the development of a measure to assess the performance

of the information systems function: a multiple-constituency approach, PhD thesis,

Faculty of the Katz Graduate School of Business, University of Pittsburgh.

Hamed%20and%20Hoda%20Philee,%20Information%20Technology%20and%20Internal%20Controls,%20February%206,%202009,%20http:/ssrn.com/

Hamed%20and%20Hoda%20Philee,%20Information%20Technology%20and%20Internal%20Controls,%20February%206,%202009,%20http:/ssrn.com/

Date post:	03-Jul-2020
Category:	Documents
Upload:	others
View:	16 times
Download:	0 times