Internal Auditors’ Perceptions of Information Technology-Related Risks: A Comparison Between General Auditors and Information Technology Auditors

With the growing role of information technology (IT), many organizations have incorporated IT governance practices that include keeping executives apprised of IT risks. To perform this function, organizations rely upon their internal audit staff to obtain an independent evaluation of IT risks. Altho...

Full description

Saved in:
Bibliographic Details
Published in:The Journal of information systems 2023-04, Vol.37 (1), p.67-83
Main Authors: Nuijten, Arno L. P., Keil, Mark, Zwiers, Bert
Format: Article
Language:English
Subjects:
Auditors
Information technology
Internal auditing
Internal auditors
Risk exposure
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites cdi_FETCH-LOGICAL-c151t-c3215a78556a1135df1d7b54e229f1b5e77c586eb41403a357c75ca4ce9acf6c3
container_end_page 83
container_issue 1
container_start_page 67
container_title The Journal of information systems
container_volume 37
creator Nuijten, Arno L. P.
Keil, Mark
Zwiers, Bert
description With the growing role of information technology (IT), many organizations have incorporated IT governance practices that include keeping executives apprised of IT risks. To perform this function, organizations rely upon their internal audit staff to obtain an independent evaluation of IT risks. Although both general and IT auditors are involved in assessing IT risks, they may not be equally adept at identifying such risks. We draw on the expert versus nonexpert perspective to understand how general and IT auditors perceive IT risks differently. Through a quasi experiment with 70 internal auditors of a financial institution, we found that general auditors perceived IT risks to be lower than their IT audit colleagues. We also found that personal IT risk preferences influenced the level of IT risks that general auditors perceived. Personal IT risk preferences did not affect the risk perceptions of IT auditors. Implications for both research and practice are discussed.
doi_str_mv 10.2308/ISYS-2020-040
format article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2802978969</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2802978969</sourcerecordid><originalsourceid>FETCH-LOGICAL-c151t-c3215a78556a1135df1d7b54e229f1b5e77c586eb41403a357c75ca4ce9acf6c3</originalsourceid><addsrcrecordid>eNp1kL1OwzAURi0EEqUwsltiNvgnjh22UkGJVAnUloHJcp0bSGnjYKdC3XgHJl6PJ6FREWJhut-Vjs5wEDpl9JwLqi_y6eOUcMopoQndQz0mpSYqk9k-6lGtu63lITqKcUEpVVyoHvrI6xZCbZd4sC6q1of49f6J7yE4aNrK1xH7Eud16cPKdj-egXuu_dI_bcgElraFAk-q-BIv8QAP_aqxoYpb7AraN4Aaj6CG8MeObV384_tljtFBaZcRTn5uHz3cXM-Gt2R8N8qHgzFxTLKWOMGZtEpLmVrGhCxKVqi5TIDzrGRzCUo5qVOYJyyhwgqpnJLOJg4y68rUiT4623mb4F_XEFuz8OuuRTRcU54pnaXZliI7ygUfY4DSNKFa2bAxjJquu-m6m6672XYX3ySEeZw</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2802978969</pqid></control><display><type>article</type><title>Internal Auditors’ Perceptions of Information Technology-Related Risks: A Comparison Between General Auditors and Information Technology Auditors</title><source>Business Source Ultimate</source><creator>Nuijten, Arno L. P. ; Keil, Mark ; Zwiers, Bert</creator><creatorcontrib>Nuijten, Arno L. P. ; Keil, Mark ; Zwiers, Bert</creatorcontrib><description>With the growing role of information technology (IT), many organizations have incorporated IT governance practices that include keeping executives apprised of IT risks. To perform this function, organizations rely upon their internal audit staff to obtain an independent evaluation of IT risks. Although both general and IT auditors are involved in assessing IT risks, they may not be equally adept at identifying such risks. We draw on the expert versus nonexpert perspective to understand how general and IT auditors perceive IT risks differently. Through a quasi experiment with 70 internal auditors of a financial institution, we found that general auditors perceived IT risks to be lower than their IT audit colleagues. We also found that personal IT risk preferences influenced the level of IT risks that general auditors perceived. Personal IT risk preferences did not affect the risk perceptions of IT auditors. Implications for both research and practice are discussed.</description><identifier>ISSN: 0888-7985</identifier><identifier>EISSN: 1558-7959</identifier><identifier>DOI: 10.2308/ISYS-2020-040</identifier><language>eng</language><publisher>Sarasota: American Accounting Association</publisher><subject>Auditors ; Information technology ; Internal auditing ; Internal auditors ; Risk exposure</subject><ispartof>The Journal of information systems, 2023-04, Vol.37 (1), p.67-83</ispartof><rights>Copyright American Accounting Association Spring 2023</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c151t-c3215a78556a1135df1d7b54e229f1b5e77c586eb41403a357c75ca4ce9acf6c3</cites><orcidid>0000-0002-6701-8040 ; 0000-0002-6845-5445</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27923,27924</link.rule.ids></links><search><creatorcontrib>Nuijten, Arno L. P.</creatorcontrib><creatorcontrib>Keil, Mark</creatorcontrib><creatorcontrib>Zwiers, Bert</creatorcontrib><title>Internal Auditors’ Perceptions of Information Technology-Related Risks: A Comparison Between General Auditors and Information Technology Auditors</title><title>The Journal of information systems</title><description>With the growing role of information technology (IT), many organizations have incorporated IT governance practices that include keeping executives apprised of IT risks. To perform this function, organizations rely upon their internal audit staff to obtain an independent evaluation of IT risks. Although both general and IT auditors are involved in assessing IT risks, they may not be equally adept at identifying such risks. We draw on the expert versus nonexpert perspective to understand how general and IT auditors perceive IT risks differently. Through a quasi experiment with 70 internal auditors of a financial institution, we found that general auditors perceived IT risks to be lower than their IT audit colleagues. We also found that personal IT risk preferences influenced the level of IT risks that general auditors perceived. Personal IT risk preferences did not affect the risk perceptions of IT auditors. Implications for both research and practice are discussed.</description><subject>Auditors</subject><subject>Information technology</subject><subject>Internal auditing</subject><subject>Internal auditors</subject><subject>Risk exposure</subject><issn>0888-7985</issn><issn>1558-7959</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2023</creationdate><recordtype>article</recordtype><recordid>eNp1kL1OwzAURi0EEqUwsltiNvgnjh22UkGJVAnUloHJcp0bSGnjYKdC3XgHJl6PJ6FREWJhut-Vjs5wEDpl9JwLqi_y6eOUcMopoQndQz0mpSYqk9k-6lGtu63lITqKcUEpVVyoHvrI6xZCbZd4sC6q1of49f6J7yE4aNrK1xH7Eud16cPKdj-egXuu_dI_bcgElraFAk-q-BIv8QAP_aqxoYpb7AraN4Aaj6CG8MeObV384_tljtFBaZcRTn5uHz3cXM-Gt2R8N8qHgzFxTLKWOMGZtEpLmVrGhCxKVqi5TIDzrGRzCUo5qVOYJyyhwgqpnJLOJg4y68rUiT4623mb4F_XEFuz8OuuRTRcU54pnaXZliI7ygUfY4DSNKFa2bAxjJquu-m6m6672XYX3ySEeZw</recordid><startdate>20230401</startdate><enddate>20230401</enddate><creator>Nuijten, Arno L. P.</creator><creator>Keil, Mark</creator><creator>Zwiers, Bert</creator><general>American Accounting Association</general><scope>AAYXX</scope><scope>CITATION</scope><orcidid>https://orcid.org/0000-0002-6701-8040</orcidid><orcidid>https://orcid.org/0000-0002-6845-5445</orcidid></search><sort><creationdate>20230401</creationdate><title>Internal Auditors’ Perceptions of Information Technology-Related Risks: A Comparison Between General Auditors and Information Technology Auditors</title><author>Nuijten, Arno L. P. ; Keil, Mark ; Zwiers, Bert</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c151t-c3215a78556a1135df1d7b54e229f1b5e77c586eb41403a357c75ca4ce9acf6c3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2023</creationdate><topic>Auditors</topic><topic>Information technology</topic><topic>Internal auditing</topic><topic>Internal auditors</topic><topic>Risk exposure</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Nuijten, Arno L. P.</creatorcontrib><creatorcontrib>Keil, Mark</creatorcontrib><creatorcontrib>Zwiers, Bert</creatorcontrib><collection>CrossRef</collection><jtitle>The Journal of information systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Nuijten, Arno L. P.</au><au>Keil, Mark</au><au>Zwiers, Bert</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Internal Auditors’ Perceptions of Information Technology-Related Risks: A Comparison Between General Auditors and Information Technology Auditors</atitle><jtitle>The Journal of information systems</jtitle><date>2023-04-01</date><risdate>2023</risdate><volume>37</volume><issue>1</issue><spage>67</spage><epage>83</epage><pages>67-83</pages><issn>0888-7985</issn><eissn>1558-7959</eissn><abstract>With the growing role of information technology (IT), many organizations have incorporated IT governance practices that include keeping executives apprised of IT risks. To perform this function, organizations rely upon their internal audit staff to obtain an independent evaluation of IT risks. Although both general and IT auditors are involved in assessing IT risks, they may not be equally adept at identifying such risks. We draw on the expert versus nonexpert perspective to understand how general and IT auditors perceive IT risks differently. Through a quasi experiment with 70 internal auditors of a financial institution, we found that general auditors perceived IT risks to be lower than their IT audit colleagues. We also found that personal IT risk preferences influenced the level of IT risks that general auditors perceived. Personal IT risk preferences did not affect the risk perceptions of IT auditors. Implications for both research and practice are discussed.</abstract><cop>Sarasota</cop><pub>American Accounting Association</pub><doi>10.2308/ISYS-2020-040</doi><tpages>17</tpages><orcidid>https://orcid.org/0000-0002-6701-8040</orcidid><orcidid>https://orcid.org/0000-0002-6845-5445</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0888-7985
ispartof The Journal of information systems, 2023-04, Vol.37 (1), p.67-83
issn 0888-7985
1558-7959
language eng
recordid cdi_proquest_journals_2802978969
source Business Source Ultimate
subjects Auditors
Information technology
Internal auditing
Internal auditors
Risk exposure
title Internal Auditors’ Perceptions of Information Technology-Related Risks: A Comparison Between General Auditors and Information Technology Auditors
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-10T12%3A13%3A48IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Internal%20Auditors%E2%80%99%20Perceptions%20of%20Information%20Technology-Related%20Risks:%20A%20Comparison%20Between%20General%20Auditors%20and%20Information%20Technology%20Auditors&rft.jtitle=The%20Journal%20of%20information%20systems&rft.au=Nuijten,%20Arno%20L.%20P.&rft.date=2023-04-01&rft.volume=37&rft.issue=1&rft.spage=67&rft.epage=83&rft.pages=67-83&rft.issn=0888-7985&rft.eissn=1558-7959&rft_id=info:doi/10.2308/ISYS-2020-040&rft_dat=%3Cproquest_cross%3E2802978969%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c151t-c3215a78556a1135df1d7b54e229f1b5e77c586eb41403a357c75ca4ce9acf6c3%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=2802978969&rft_id=info:pmid/&rfr_iscdi=true