Perception and strategic contribution of information systems audits in the organizational context
DOI:
https://doi.org/10.56368/Entrelineas422Keywords:
systems audits, information security, internal controls, organizational efficiency, digital assetsAbstract
The study's overall objective was to analyze perceptions of information systems audits in strengthening internal controls, protecting digital assets, and generating strategic value in organizations. Empirical research was conducted based on surveys of professionals working in organizations in the San Miguelito district of Panama. The sample included auditors, IT staff, managers, and other relevant collaborators. The instrument consisted of a questionnaire that assessed perceptions of various aspects related to information systems audits and their organizational impact. Among the notable results, it was found that, although only 47% of respondents believe that audits strengthen internal controls, 65% affirm that their recommendations improve the protection of digital assets. Similarly, 72% acknowledged that audits generate confidence in data management, although only 50% believe they contribute to reducing cyber incidents, and 70% considered current processes insufficient to ensure efficient management of information systems. It was evident that information systems audits are viewed as strategic tools in many organizations, although challenges persist in their implementation and scope. Therefore, it is considered necessary to improve auditors' technical training, strengthen the adoption of recommendations, and align audit processes with the organization's strategic objectives to increase their impact.
Downloads
References
Al Lawati, H., Sanad, Z. & Al Farsi, M. (2024). Unveiling the Influence of Big Data Disclosure on Audit Quality: Evidence from Omani Financial Firms. Administrative Sciences, 14, 216. https://doi.org/10.3390/admsci14090216
Ali, M.A.S., Elshaer, I.A., Montash, A.A., Metwally, A.B.M. (2024) The Role of Technological Readiness in Enhancing the Quality of Audit Work: Evidence from an Emerging Market. Journal of Risk and Financial Management, 17, 489. https://doi.org/10.3390/jrfm17110489
Barrett, M.P. (2018). Framework for Improving Critical Infrastructure Cybersecurity Version 1.1. National Institute of Standards and Technology. https://doi.org/10.6028/NIST.CSWP.04162018
COBIT. (2019). Control Objectives for Information Technologies. https://www.isaca.org/resources/cobit
Deloitte. (2023). Deloitte study: nine out of ten organizations reported at least one cyber incident or breach last year. https://n9.cl/dy27m
Gartner. (2024). 2024 top trends in cybersecurity focus on resilience, performance. https://www.gartner.com/en/cybersecurity/topics/cybersecurity-trends
ISO/IEC. (2022). Information security, cybersecurity and privacy protection - Information security management systems - Requirements. ISO/IEC.
KPMG. (2024). Trailblazing digital frontiers. Global IT internal audit Outlook. https://n9.cl/3fdde
Ley 81 de 2019. Sobre protección de datos personales. Gaceta Oficial Digital No. 28743-A, de 26 de marzo.
Lozano, M. (2024). Amenazas cibernéticas afectan la seguridad del sector financiero en el siglo 21. En ITC Connect, Noticias tecnológicas en Latinoamérica. https://itconnect.lat/portal/amenazas-ciberneticas-00001/
Martin, C. (2022). An Integrated Approach to Security Audits. https://n9.cl/iyv0y
Peña Calvo de la, N. (2015). UF1643-Gestión y control de los sistemas de Información. Editorial Elearning, SL.
Razo, C. M. (2002). Auditoría en sistemas computacionales. Pearson Educación.
Sánchez Valriberas, G. (2008). Control interno y auditoría de sistemas de información. En Piattini Velthuis, M. G. (2008). Auditoría de tecnologías y sistemas de información. (3-30). Ra-Ma Editorial.
Sayana, A. (2022). The Evolution of Information Systems Audit. ISACA Journal, 1, 1-5. https://n9.cl/19hb5
Slapničar, S., Vuko, T., Čular, M., & Drašček, M. (2022). Effectiveness of cybersecurity audit. International Journal of Accounting Information Systems, 44, 100548. https://doi.org/10.1016/j.accinf.2021.100548
van den Heuvel, E. (2025). Evolution of IT auditing in a nutshell – journey towards a dynamic landscape. Maandblad voor Accountancy en Bedrijfseconomie, 99(2), 73–83. https://doi.org/10.5117/mab.99.140994
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
You are free to:
- Share — copy and redistribute the material in any medium or format
- Adapt — remix, transform, and build upon the material
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- NonCommercial — You may not use the material for commercial purposes .
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
