OJIT Home

2020 - Volume 3 - Number 2

Information Systems Audit Framework to Improve the Quality of Audit in Higher Education in East Africa

Jeremiah Osida Onunga * jerryosida@gmail.com * ORCID: 0000-0002-9827-7352
Turkana University College, School of Science & Technology, Department of Renewable Energy & Technology, Lodwar, KENYA

Open Journal for Information Technology, 2020, 3(2), 53-62 * https://doi.org/10.32591/coas.ojit.0302.02053o
Received: 20 October 2020 ▪ Accepted: 6 December 2020 ▪ Published Online: 10 December 2020

LICENCE: Creative Commons Attribution 4.0 International License.

ARTICLE (Full Text - PDF)

ABSTRACT:
There are some similarities between Financial Statement Audit (FSA) and Information System Audit (ISA). FSA is an examination of the reliability and integrity of financial statement records whereas ISA is a review and evaluation of the controls, risks, and system development within an Information system infrastructure to determine if the information systems are safeguards to protect against abuse, safeguards assets, maintains data integrity, and operates effectively to achieve the organization's going concern objective. Decision makers need to ensure that the process of collecting and evaluating evidence of an organization's information systems, practices, and operations are reliable. Data manipulation can be caused by external or internal threat. Internal manipulation threat is the most dangerous one because it is committed by authorized personnel which make it very difficult to be detected.  In particular, the framework introduces an anomaly detection technique, one of the data mining methods, to determine the suspected transactions arise from both internal and external threat. Once the suspected transactions are identified, procedures and monitoring control will be in place to minimize each threat. The proposed framework is expected to help both universities and ministry of higher education managers at all levels to make a vital decision based on reliable and accurate information in East Africa.

KEY WORDS: ISA Framework, data mining framework, anomaly detection technique, higher education.

CORRESPONDING AUTHOR:
Jeremiah Osida Onunga, Tutorial Fellow and Chairman, Department of Renewable Energy & Technology, School of Science & Technology, Turkana University College, Lodwar, KENYA. E-mail: jerryosida@gmail.com.

REFERENCES:

Comyn-Wattiau I., & Akoka, J. (1996). Logistics information system auditing using expert system technology. Journal of Expert Systems with Applications, 11(4), 463-473.

Han J., Kamber, M., & Pei, J. (2012). Data mining concepts and techniques. Morgan Kaufmann: Waltham, MA 02451, USA.

Hardy, C. A., & Laslett, G. (2015). Continuous auditing and monitoring in practice: Lessons from Metcash’s business assurance group. Journal of Information Systems, 29(2), 183-191.

Rus, I. (2015). Technologies and methods for auditing databases. Procedia Economics and Finance, 26, 991-999.

Omoteso, K. (2012). The application of artificial intelligence in auditing: Looking back to the future.  Journal of Expert Systems with Applications, 39(9), 8490-8495.

Kim, S. L., Teo, T. S. H., Bhattacherjee, A., & Nam, K. (2015). IS auditor characteristics, audit process variables, and IS audit satisfaction: An empirical study in South Korea. Information Systems Frontiers, November 2015, 1-15.

Kurniati, A. P., Kusuma, G. P., & Ary Wisudiawan, G. A. (2015).  Designing application to support process audit using process mining.  Journal of Theoretical and Applied Information Technology. 80(3), 473-480.

Liu, L., De Vel, O., Han, Q-L., Zhang, J., & Xian, Y. (2018).  Detecting and preventing cyber insider threats: A survey.  IEEE Communications Surveys & Tutorials, 20(2), SECOND QUARTER 2018.

Lope, A. R., Islam, & Ai-Nemrat (2015). Measuring sustainability for an effective Information System audit from public organization perspective. 9th IEEE International Conference on Research Challenges in Information Science, IEEE RCIS 2015; Athens; Greece; 13-15 May 2015; Category number CFP1540D-ART.

Marques, R. P., Santos, H., & Santos, C. (2015). Monitoring organizational transactions in enterprise information systems with continuous assurance requirements. International Journal of Enterprise Information Systems, 11(1), 13-32.

Tao, P., Sun, Z., & Sun, Z. (2018). An improved intrusion detection algorithm based on GA and SVM.  IEEE Access, 2018, 13624-13631.

Marquesa, R. P., Santosa, H., & Santos, C. (2012). A solution for real time monitoring and auditing of organizational transactions.  Procedia Technology, 5, 190-198.

Shing-Han, L., Shi-Ming, H., & Yuah-Chiao, G. L. (2007).  Developing a continuous Auditing Assistance System Based on Information Process Models. The Journal of Computer Information Systems, 48, 1.

Wang, Y., Wu, Q., Qin, B., Shi, W., & Deng, R. H. (2017). Identity-based data outsourcing with comprehensive auditing in clouds.  IEEE Transactions on Information Forensics and Security, 12(4), 940-952.