Online from: 1986
Subject Area: Accounting and Finance
Options: To add Favourites and Table of Contents Alerts please take a Emerald profile
|Title:||Information intensity, control deficiency risk, and materiality|
|Author(s):||Akhilesh Chandra, (School of Accountancy, The University of Akron, Akron, Ohio, USA), Thomas G. Calderon, (School of Accountancy, The University of Akron, Akron, Ohio, USA)|
|Citation:||Akhilesh Chandra, Thomas G. Calderon, (2009) "Information intensity, control deficiency risk, and materiality", Managerial Auditing Journal, Vol. 24 Iss: 3, pp.220 - 232|
|Keywords:||Data security, Information control, Internal auditing, Risk management|
|Article type:||Research paper|
|DOI:||10.1108/02686900910941113 (Permanent URL)|
|Publisher:||Emerald Group Publishing Limited|
Purpose – This paper leverages the concept of business information intensity (BII) with the aim of developing a model to assess control deficiency risk (CDR) in organizations. BII measures the extent of use of IT by an organization in its products and value chain.
Design/methodology/approach – The paper develops a conceptual model that uses BII and CDR to examine alternative approaches to risk management. This model contains four quadrants that provide insight into varying risk management strategies for business processes. CFOs and internal auditors from
Findings – The model suggests that spending on IT and information security is higher for companies with high BII-CDR than those with low BII-CDR.
Research limitations/implications – Analysis focused on only two quadrants in a four-quadrant model. Future research may seek to refine the measurement of BII and CDR, and offer greater insight into the types of business processes that fall into each of the four quadrants as well as those that do not fit neatly into those quadrants.
Practical implications – Organizations may use the BII-CDR model to assess risk and to evaluate investments in IT security and other control activities. The model also highlights the need to redefine the concept of materiality and to consider its link to BII and CDR. Auditors should consider the interaction of BII and CDR in planning the audit, conducting field work, and managing overall audit risk.
Originality/value – The paper provides original insights into the relationship between BII and CDR and its implications for treatment of materiality. It was observed that activities which support critical business processes are themselves critical. This is an important departure from traditional approaches to evaluating materiality.
To purchase this item please login or register.
Complete and print this form to request this document from your librarian