Research Article: 2021 Vol: 24 Issue: 4S
Mhamoud Abedalfattah Alwashah, Al-Balqa Applied University
Faris Irshaid Al-karabsheh, Al-Balqa Applied University
Citation: Alwashah, M. A., & Al-karabsheh, F. I. (2021). The role of internal and external audit in reducing the risk of accounting information systems (from the estimation of the internal and external auditor). Journal of management Information and Decision Sciences, 24(S4), 1-16.
This study aims to recognize the role of internal and external audits in reducing the risk of AIS (from the estimation of the internal and external auditor). It is about identifying the role of internal and external auditors with the duties assigned to them when estimation auditing and reducing the risk of AIS. The researcher chose a random sample of external auditors affiliated with the Jordanian Association of Certified Accountants, who audited the financial statements of the public shareholding service corporations. The study created a set of important results and recommendations the most prominent of which indicates the existence of a statistically significant role for the internal and external auditor in reducing the risk of AIS. There is it was found that there is a statistically significant role of internal audit in reducing the risk of entering AIS data. The researcher, therefore, recommended is essential that companies support their information security and develop clear legislation for the companies and provide a specialized IT cadre capable of protecting the security of the AIS of companies, in particular, internal control over the company's system and put restrictions that limit the attempt to penetrate the company's system and obtain any information.
Internal audit; External audit; Risk; Accounting information systems; Internal auditor; External auditor.
The scientific and technological development that appeared in the current era and what happened to the business sector has led to a great development as well as the emergence of multinational companies located on all continents in most countries of the world, especially the major industrialized countries (Hossam, 2015). To increase the need to use modern methods and methods to verify compliance with the implementation of administrative policies that ensures the protection of project assets and ensures accuracy of data and information. Data is a necessary resource in the facility. The outputs of AIS and subsystems are the main pillar on which the enterprise relies in management. It records, analyzes, and displays them in the form of financial lists in order to prove the correctness and accuracy of accounting data and information. However, the term internal and external audit has emerged, which is an independent evaluation function that is periodically exercised in the enterprise in order to assist officials at all levels to control and improve their activities and to ensure that the enterprise is protected from errors, manipulation, fraud, and corruption found in the books and records of the enterprise in all accounting aspects in order to avoid these obstacles in the future by following proper administrative policies and procedures (Najiba, 2015).
The problem of the study was identified in reducing the risks of using AIS under the role of both internal and external auditor in the auditing process. From the estimation of internal and external audit at the general level and its role in strengthening the evidence of audit results by answering the main question: is there a role for internal and external audit and the ability to reduce the risk of AIS. The main question has several sub-questions, including the following:
In this study, we will talk about the role of the auditor both inside and outside audit companies and their objectives in reducing the risk of AIS. Therefore, highlight and clarify the definition framework of internal and external audit and AIS and its risks. Identify the relative importance between internal and external audit functions and the risks of AIS in the economic enterprises investigated. Finally, make recommendations to economic institutions that research on the usability of internal and external auditing in reducing the risks of the accounting information system. And then determine the obstacles faced by auditors to reduce the risk of AIS audits.
It is an acceptable means of collecting proof that draws the concern of both internal and external auditors and performing currency efficiently and effectively in the auditing process. Here lies the significant research on the role of the internal and external auditor in the auditing process in terms of its concept, types, and combinations and how they are applied during different stages of the audit and linking it to the international audit standards standard (520) and standard (195), which aims to provide instructions related to the application of audits in addition to internal audit Greater role in reducing fraud, doctrinaire and corruption and improving the performance of the economic sector in general. The integration of internal and external audit plays a positive role at the functional level of the auditors who practice internal and external audit and in helping them achieve their best and provide high-quality audit results in the work, for the benefit of many collections in society to enable them to make the right decisions at the right time and to perform the work activities (Saudi Commission of Chartered Accountants, 2020).
Electronic accounting information processing systems have led to a significant change in the internal and external auditor functions. This reduced the amount of time and routine work that was spent daily on manual registration of transactions. Specifically, most of these operations were done by computer. This resulted in saving time that can be well invested by the internal and external auditor in analyzing information, data and making administrative decisions. The publication in theory and practice in the use of computers in accounting records has contributed to the development of the internal or external auditor function. Especially concerning the responsibility in the study of systems, the development of budgets, and the work of multiple recommendations that affect the various administrative decisions of different aspects of economic activity in the financial statements (Salamzadeh, 2020).
This study seeks to achieve a number of goals from them. Know the role of each of the auditors, whether internal or external, to reduce the risks of the accounting information system used within the facilities. Where I'm not and effectiveness of the system of the internal control and prevention aspects of professional responsibility related to the performance of the external auditor and the parameters that limit the performance of their professional responsibilities to answer the questions of the study, the main hypothesis was formulated as follows. There is no role for internal and external auditing in reducing the risk of AIS. Several sub-hypotheses follow the study as follows:
H1: There is no role of internal auditing in reducing the risk of AIS data inputs.
H2: There is no role for external auditing in reducing the risk of AIS data inputs.
H3: There is no role of internal auditing in reducing the risk of AIS data operating.
H4: There is no role for external auditing in reducing the risk of AIS data operating.
H5: There is no role for internal auditing in reducing the risk of AIS data outputs.
H6: There is no role for external auditing in reducing the risk of AIS data outputs.
The study began (Shirzad et al., 2020), where the study investigated the role of internal and external auditing in the public sector governance in the Kurdistan Regional Government. Data was recovered using questionnaires. Analysis using the ordinary least-squares regression as well as the method was used to evaluate the model. The results of the study finding that internal risk management and compliance monitoring have significant positive effects on public sector management. As explained (Najm, 2018), that his study aimed to highlight and clarify the definition framework of internal audit and Accounting Information System and risk where the descriptive approach was relied on, by describing the theoretical aspects of the research using books, notes and journals, and information was collected on the role of internal audit in reducing the risks of AIS, the applied aspect was internal and help them to succeed in the process of control and audit. The study (Marwa, 2017) highlighted the extent to which the Internal Audit Department has managed to reduce risks from the estimation of both internal auditors and their assistants, in light of this; appropriate methods have been used in the collection and analysis of data. The study showed the importance of having an internal audit department and realizing the importance of its role within the facility and focusing on independence to perform work efficiently and effectively. the study concluded that the internal audit department helps to support and activate risk management to minimize and reduce risks to the organization, which in turn brings about a radical change in its As stated in a study (Bilal et al., 2018), knowledge and management of risks is one of the key factors for the success and prosperity of economic institutions, if the entry into the risk is intended to obtain profits, then failure to manage these risks practically and correctly may lead to loss of returns and failure to achieve One of the most important results is the confirmatory role achieved by assuring the management on the efficiency, effectiveness, and correctness of the evaluation of the risk management process. In his study on the role of internal control in reducing financial risks associated with the policy of investment diversification and identifying the dimensions of financial risks, a questionnaire was designed to collect and analyze data using the social software package program SPSS. To test the hypotheses we used computational averages and standard deviation, and the results of the study showed a statistically significant role for internal control. As explained (Abdulrahman, 2004), in this paper questionnaires and interviews to study the level of cooperation and coordination between managers of internal audit departments and partners and managers in Saudi external audit companies. The findings revealed that the external auditors had expressed concern about the independence, scope, and small size of many internal audit departments. Ibrahim and Mohammed (2017), presented in this study to identify the risks of using electronic AIS in banks operating in the municipality of Misrata, and a special questionnaire was prepared. The analysis was done by Spss of the results of the survey, and the study found the impact of the risks of the use of electronic AIS on the effectiveness of the audit in Algeria.
The IAD is an integral part of institutions in general and economic institutions in particular, it is an advisory tool that helps to detect and prevent errors, deviations, fraud, and corruption in order to correct them at the moment and avoid their occurrence in the future. Where it puts procedures and controls that limit the occurrence of errors whether intentionally or unintentionally it also allows to identify the means of dealing with risks that can be exposed to economic institutions by providing suggestions and recommendations in order to verify that the procedures and practices during the audit process were carried out in a correct and proper manner and to ensure the integrity of the internal control system and whether the plans, systems, and control processes are sufficient to employees and employees who are poor financial observers or accountants, auditors and others must realize the importance and role of Internal Audit Department for the bank as it gives it added value for the institution. Barret (2014) explained INTOSAI in the definition of internal audit as an incorporated process bring out by the management of a single unit and its employees while seeking to perform their tasks and is designed to provide reasonable assurance that the overall objectives are fulfilled including the enforcement of effective and effective operational excellence in a systematic, economic manner. Compliance with liability accounting obligations (Yose & Choga, 2016).
Internal audit is also considered an effective administrative tool that cannot be dispensed with if it is exploited in a good way, where it is based on the evaluation of the internal control system in order to detect errors, manipulations and deviations in its records, by making a range of possible corrections, and the extent of the contribution of internal audit to reduce.
With the development of important comes the role of the external auditor's performance of the professional services the facility with the increased demand for services and the external highly of them and provides auditing, evaluation, and analysis of the financial statements. And other services such as tax. Therefore, the role of the auditor is not easy but based on diligence in performing audits, as the appearance of errors, omissions, or omissions exposed to all kinds of legal accountability and sentenced to compensation. The auditor understanding has its own criteria and must be followed by adequate and appropriate professional attention when carrying out his work (Defiles et al., 1990).
The internal auditor also states his opinion that the Audit Manual contains an overview of the risk factors facing the AIS of enterprises, as well as the audit protocol, tools and methodologies used to conduct the audit, the forms to be filled out and the people contacted. The manual thus facilitates the mentoring process and saves time in training newly recruited staff on audit activity and auditors can initiate audit tasks directly (Balkaran, 2013).
On the other hand, the external auditor has made clear his opinion today in light of the phenomenon of large-scale financial crises, which is one of the contemporary challenges of the auditing profession.it is essential to understand and understand the risks facing enterprises, especially as a result of the existence of this phenomenon, and the need to oblige economic units in general in enhancing the importance of the role played by the external auditor, in expressing his opinion independently and impartially and in a manner that shows the extent to which the necessary professional care is exercised. This adds value to the financial statements and increases the confidence of the users of the financial statements in the auditing profession, thus reducing the risks of using AIS (Caesar, 2014).
Understanding of preparing financial Reports based on IAS without auditor accountability is closely related to the process of providing information. If employers get data and socialization good, their comprehension of IAS without auditor accountability is also well (Wibowo et al., 2019). According to Pandya (2014) AIS owned by a corporate provide data to parties internal and external the corporate. This data is generated from data systems consisting of AISs. The same thing was stated by Mahmoudi et al. (2017) that AIS is quantitative data about economic institutions that are useful for economic decision-making to select choices of alternative activities. The indicators used in this study include the features of AIS, the significance of data and socialization, and understanding of financial statements.
Conception involves a high degree of knowledge in explicating sensory data. The findings of the sensory data version then cause attitude change (Basri & Dwimulyani, 2018). According to Batrancea et al. (2019) attitude is the finding of various kinds of practices and their interaction with the environment manifested in the form of information, attitudes, and activities.
Finally, examining the comprehensions of CSR in different sectors especially the auditing sector and the role it plays in them, maybe the establishment of an applied CSR auditing procedure. It further explores the possibility of developing practical measurement systems for CSR and inspects the processes that are currently being implemented (Doshmanli et al., 2018).
The study relied on the descriptive method of monitoring, describing, and interpreting real-life phenomena and events, through monitoring their vocabulary data, and arriving at the characteristics of the phenomenon studied. The study also relied on the analytical method. this method is based on the interpretation of the current situation or problem by identifying its circumstances and characterizing the relationships between them, with a view to finalizing an accurate and integrated scientific description of the phenomenon. it includes the analysis, measurement, and interpretation of the data, the conclusion of an accurate description of the phenomenon or problem and its consequences, and the submission of solutions and proposals to address it (Al-Najjar et al., 2020).
Population and Sample of the Study
The study community consisted of internal and external auditors of Jordanian service companies, and after the identification of the study community was prepared and designed an electronic questionnaire (Online Questionnaire) through the site (Google Drive) to obtain the data for the study and publish it in a random Sample Method (random Sample) and in this method, each element of the society has the same share of appearance The study sample was statistically subjected to KMO analysis (Kaiser-Mayers-Olkin), an analytical tool used to clarify the adequacy of the sample size involved in the study, where a value (KMO ≥ 0.5) should be sufficient for the study sample size (Field, 2018). Where the value of (KMO) was equal to (0.765) which is greater than the assumed value of sufficient sample size, this indicates that the sample size involved in the study is sufficient, and Table 1 shows this.
| Table 1 KMO and Bartlett'sTest |
||
| Laser-maze-Olkin for measuring samplesize adequacy | 0.765 | |
| Bartlett test | (Approx. Chi-Square) | 356.2 |
| (Sig) | 0 | |
Stability of the Study Tool
Cronbach's Alpha coefficient was used to measure the consistency of the internal consistency of the study paragraphs, the results of which are shown in Table 2.
| Table 2 Cronbach Alpha Coefficient Value for Resolution Paragraphs |
||||
| Variables | Internal audit | External audit | Risks of AIS | Overall indicator |
| Cronbach Alpha | 0.797 | 0.917 | 0.829 | 0.938 |
| Num. of paragraphs | 10 | 10 | 16 | 36 |
Table 2 shows that the value of the internal consistency coefficient (Cronbach Alpha) for the paragraphs of the study instrument ranged from (79.7% -91.7%) to a degree of stability of (93.8%) for all paragraphs, and both (Sekaran & Bougie, 2020) indicated that the minimum stability coefficient (Cronbach Alpha) is (0.70) and the closer the value to (1) one, i.e. 100%, this indicates higher stability accordingly, all internal consistency coefficients in the table above are an indicator of the stability and reliability of the study tool in statistical analysis.
Normal Distribution Test
This test is used to measure the uniformity of the distribution, the value outside the range (± 1) indicates that the distribution is largely skewed, the kurtosis value is extracted, and the distribution is normal if the kurtosis value does not exceed (± 1.96) at 0.05 (Cooper & Schindler, 2014).
Based on the test data shown in Table 3 Illustrated that the distribution of data was normal, it didn't fall values (Skewness) out of range (±1) and did not exceed the value of (Kurtosis) (±1.96) at the level (0.05).
| Table 3 The Normal Distribution of Data Based on the Selection (Skewness & Kurtosis) |
|||
| Variables | Internal audit | External audit | Reducing the risk of AIS |
|---|---|---|---|
| Skewness | 0.265- | 0.057 | 0.165- |
| Kurtosis | 0.165 | 0.810- | 0.062- |
Self-Correlation Test (Autocorrelation)
This test verifies that the data are free of the problem of self-correlation in the regression model which impairs the model's ability to predict. This is confirmed by the Durbin-Watson test, where its value is limited between (0-4), if the value of (Durbin-Watson) ranges between (1.5-2.5), this indicates that there is no self-Association problem and that it is acceptable and Table 4 shows the results of this test, where it turns out that the value of Durbin– Watson calculated for in the regression model (Tabachnick & Fidell 2018).
| Table 4 Results of theSelf-Correlation Test (D-W) for Study Hypotheses |
||||||||
| Hypothesis | Ho.1 | Ho.2 | Ho.3 | Ho.4 | Ho.5 | Ho.6 | Ho.7 | Ho.8 |
|---|---|---|---|---|---|---|---|---|
| Calculated D-W value | 1.949 | 2.118 | 1.879 | 1.884 | 1.792 | 1.848 | 1.887 | 1.826 |
| Result | No self-Association problem | |||||||
Describe the Characteristics of the Study Sample
Table 5 shows the results of repetition and the percentage of personal and functional characteristics related to the first part of the questionnaire.
It is noted from Table 5 that (54.4%) of the sample are internal auditors in Jordanian service companies, and the number (56), while (45.6%) of the sample are external auditors on Jordanian service companies, and the number (47) and we note that the highest percentage (84.5%) of the sample hold a bachelor's degree, and the number (87), while (2.9%) (47.6%), and (49%), while (4.9%) of the respondents hold a certificate (CMA), and (5). It turns out that (82.5%) of the respondents have their accounting specialties, and (85), while (4.9%) their specialties are not mentioned, and (5).
| Table5 Describethe Characteristics of the Study Sample |
|||
| Variable | Category | Repetition | % |
|---|---|---|---|
| Position | Internal auditor | 56 | 54.40 |
| External auditor | 47 | 45.60 | |
| Total | 103 | 100 | |
| Level of Education | Bachelor's | 87 | 84.50 |
| Master | 13 | 12.60 | |
| PhD | 3 | 2.90 | |
| Total | 103 | 100 | |
| International certifications | CPA | 49 | 47.60 |
| CMA | 5 | 4.90 | |
| JCPA | 27 | 26.20 | |
| Other | 22 | 21.40 | |
| Total | 103 | 100 | |
Descriptive Statistics of Study Tool Paragraphs
The degree of relative approval was specified according to the following equation: the length of the category=upper limit of the alternative–the lower limit of the alternative/number of levels= 5-1/3= 1.33 if the arithmetic means between (1-2.33) is considered within the low level, and if it ranged between (2.34-3.66) is within the medium level, and if 2016). The results of the descriptive statistics of the study variables were as follows:
Descriptive Statistics of Respondents' Answers towards (Internal Audit)
Table 6 shows the arithmetic mean, standard deviation, relative weight, degree of approval, and rank of the answers of the researchers towards (internal audit), which was measured based on (10) paragraphs.
| Table 6 Arithmetic Mean,Standard Deviation, Grade, Relative Weight, and Degree of Approval forInternal Audit Paragraphs |
||||||
| Num. | Paragraph | Arithmeticmean relative | Standard deviation | Weight% | Gradeapproval | Grade |
|---|---|---|---|---|---|---|
| 1 | The internal auditor takes care of input, operation and outputprocedures to reduce risk. | 4.1 | 0.619 | 82 | High | 3 |
| 2 | The internal auditor adheres to the ethics ofthe auditprofession. | 3.97 | 0.857 | 79.4 | High | 5 |
| 3 | The internal auditor follows professional carein carrying outthe audit task. | 4.04 | 0.851 | 80.8 | High | 4 |
| 4 | The internal auditor of the companyunderstands the importanceof a sufficientunderstanding of the accounting system and its components. | 3.9 | 0.88 | 78 | High | 10 |
| 5 | The internal auditor provides guidance on howto handle auditrisks. | 4.1 | 0.515 | 82 | High | 2 |
| 6 | The internal auditor checks the availabilityof actions relatedto the possible risks ofprotecting the computerized system. | 3.92 | 0.825 | 78.4 | High | 7 |
| 7 | The internal auditor relies on experts fromoutside the AuditOffice to reduce risk. | 4.11 | 0.685 | 82.2 | High | 1 |
| 8 | The internal auditor makes comparisons betweenmanually preparedstatements and electronicallypublished financial statements. | 3.91 | 0.887 | 78.2 | High | 8 |
| 9 | The internal auditor checks data protectionprocedures by makingconstantly updated backups. | 3.91 | 0.898 | 78.2 | High | 9 |
| 10 | Adhering to internal audit standardscontributes to theimprovement of the internalcontrol system. | 3.95 | 0.867 | 79 | High | 6 |
| Overall indicator | 3.99 | 0.475 | 0.798 | High | ||
We note from Table 6 that the overall index achieved an arithmetic average (3.99), and a standard deviation of (0.475), which indicates that the trends of the sample members towards (internal audit) came within the high level. With paragraph (7), which provides that "the interior of experts from outside the Office of Audit, Risk Reduction" ranked first with an average of my account (4.11) one discover standard (0.685) and high, while paragraph (4) the last rank which provides that "aware of the internal auditor in the company of the importance of understanding all of the accounting system and its components" on average My Account (3.90) per discover standard (0.880) and elevated.
Descriptive Statistics of Respondents' Answers towards (External Audit)
Table 7 shows the arithmetic mean, standard deviation, relative weight, degree of approval, and rank of the interviewees ' answers towards (external audit), which was measured based on (10) paragraphs.
| Table 7 Arithmetic Mean,Standard Deviation, Grade, Relative Weight, and Degree of Approval forExternal Audit Paragraphs |
||||||
| Num. | Paragraph | Arithmeticmean relative | Standard deviation | Weight% | Gradeapproval | Grade |
|---|---|---|---|---|---|---|
| 1 | The internal auditor takes care of input, operation and outputprocedures to reduce risk. | 3.84 | 0.883 | 76.8 | High | 10 |
| 2 | The internal auditor adheres to the ethics of the auditprofession. | 3.92 | 0.682 | 78.4 | High | 6 |
| 3 | The internal auditor follows professional care in carrying outthe audit task. | 3.86 | 0.687 | 77.2 | High | 9 |
| 4 | The internal auditor of the company understands the importanceof a sufficient understanding of the accounting systemand its components. | 3.87 | 0.825 | 77.4 | High | 8 |
| 5 | The internal auditor provides guidance on how to handle auditrisks. | 3.91 | 0.715 | 78.2 | High | 7 |
| 6 | The internal auditor checks the availability of actions relatedto the possible risks of protecting the computerizedsystem. | 3.96 | 0.670 | 79.2 | High | 4 |
| 7 | The internal auditor relies on experts from outside the AuditOffice to reduce risk. | 4.37 | 0.657 | 87.4 | High | 1 |
| 8 | The internal auditor makes comparisons between manually preparedstatements and electronically published financialstatements. | 4.14 | 0.780 | 82.8 | High | 2 |
| 9 | The internal auditor checks data protection procedures by makingconstantly updated backups. | 3.94 | 0.790 | 78.8 | High | 5 |
| 10 | Adhering to internal audit standards contributes to theimprovement of the internal control system. | 4.11 | 0.753 | 82.2 | High | 3 |
| Overall indicator | 3.99 | 0.475 | 0.798 | High | ||
We note from Table 7 that the overall index achieved an arithmetic mean (3.99), and a standard deviation of (0.566), which indicates that the trends of the sample members towards (external audit) came within the high level. With paragraph (7), which provides that "the reliance on experts from outside the Office of Audit, Risk Reduction" ranked first with an average of my account (4.37) one discover standard (0.657) and high, while paragraph (1) ranked last, which provides "care about school procedures for the input and playback and output to reduce the risks" average My Account (3.84) per discover standard (0.883) and elevated.
Descriptive Statistics of Respondents' Responses towards (Risk Reduction of AIS)
Table 8 shows the arithmetic mean, the standard deviation, the relative weight, the degree of approval, and the rank of the respondents' answers towards the dimensions (risk reduction of AIS), which were measured based on (14) paragraphs.
| Table 8 Calculation Average,Standard Deviation, Grade, Relative Weight, and Degree of Approval for AISRisk Reduction Paragraphs |
||||||
| Num. | Paragraph | Arithmetic mean relative | standard deviation | weight% | Grade approval | grade |
|---|---|---|---|---|---|---|
| Reducing input risk | ||||||
| 1 | Ensure that each employee who is allowed to access the systemhas their own passwords. | 3.81 | 0.755 | 76.2 | high | 3 |
| 2 | To ensure the adequacy of control procedures, separation offunctions when the input data. | 4.1 | 0.774 | 82 | high | 1 |
| 3 | Input any false and incorrect data intentionally orunintentionally. | 3.8 | 0.691 | 76 | high | 4 |
| 4 | Setting instructions that prevent unauthorized persons fromentering the hardware room during data entry. | 4.06 | 0.669 | 81.2 | high | 2 |
| Overall indicator of input riskreduction | 3.94 | 0.427 | 78.80% | high | ||
| Reducing operating risk | ||||||
| 5 | Ability to predict and reduce operating risks. | 3.92 | 0.723 | 78.4 | high | 2 |
| 6 | Ensure that data processing is done electronically withoutinterference by the human element | 3.6 | 0.867 | 72 | Medium | 3 |
| 7 | Ability to predict and reduce operating risks. | 3.57 | 0.881 | 71.4 | Medium | 4 |
| 8 | Updated computer hardware and software used in the operation ofcomputerized systems | 4.14 | 0.78 | 82.8 | high | 1 |
| Overall indicator of operating riskreduction | 3.81 | 0.492 | 76.20% | high | ||
| Reducing output risk | ||||||
| 9 | Work on comparing computer outputs with some manually calculatedinputs. | 3.94 | 0.79 | 78.8 | high | 4 |
| 10 | Work on comparing computer outputs with some manually calculatedinputs. | 3.98 | 0.626 | 79.6 | high | 3 |
| 11 | Take care to make licensed copies of the outputs and see them byauthorized persons. | 4.1 | 0.65 | 82 | high | 1 |
| 12 | Ensure that the system's paper outputs are kept in safe placesand archived electronically to prevent their loss. | 4.03 | 0.747 | 80.6 | high | 2 |
| Overall indicator of output risk reduction | 4.01 | 0.565 | 80.20% | high | ||
| Reducing environmental risks | ||||||
| 13 | Management's awareness of the importance of having internal andexternal environmental risks. | 4.08 | 0.723 | 81.6 | high | 2 |
| 14 | The presence of alternative power sources in case of powerfailure. | 2.97 | 0.568 | 59.4 | Medium | 4 |
| 15 | Attention to provide the appropriate environment for computers (air conditioning, ventilation, cooling....) | 4.17 | 0.579 | 83.4 | high | 1 |
| 16 | Alternative plans are developed in case of any emergencyaffecting the security and safety of computerizedsystems. | 4.01 | 0.533 | 80.2 | high | 3 |
| Overall indicator of Environmental RiskReduction | 3.81 | 0.41 | 76.20% | high | ||
We note from Table 8 that the total input risk reduction index has achieved an arithmetic mean (3.94), and a standard deviation of (0.427), which indicates that the trends of the sample members towards (input Risk Reduction) have come within the high level. The achieved paragraph (2) which states “to ensure the adequacy of control procedures, separation of functions when you enter data” ranked first with an average of my account (4.10) one discover standard (0.774) and high, while paragraph (3) ranked last, which provides that "the entry of any false statement, untrue with intent or without intent" with an average of my account (3.80) per discover standard (0.691) and elevated.
We note that the total operating risk reduction index has achieved an arithmetic mean (3.81), and a standard deviation of (0.492), which indicates that the trends of the sample members towards (operating risk reduction) have come within the high level. The achieved paragraph (8), which provides that "is updated computer hardware and software used in the operation of computerized systems" ranked first with an average of my account (4.14) one discover standard (0.780) and high, while paragraph (7) the last rank which provides that "the ability to predict the risk of operating and" average My Account (3.57) per discover standard (0.881) and to a lesser medium.
We note that the total output risk reduction index has achieved an arithmetic mean (4.01), and a standard deviation of (0.565), which indicates that the trends of the sample members towards (output Risk Reduction) have come within the high level. Paragraph (11), which provides "to ensure that authorized copies of outputs are made and accessed by authorized persons", achieved first place with an average calculation (4.10) and a standard deviation (0.650) and a high degree, while paragraph (9) achieved the last place, which provides "to work on comparing computer outputs with some manually calculated inputs" with an average calculation (3.94) and a standard deviation (0.790) and a high degree.
We note that the overall environmental risk reduction index has achieved a mathematical average (3.81), and a standard deviation of (0.410), which indicates that the trends of the study sample members towards environmental risk reduction have been within the high level. It achieved paragraph (15) which states "attention to providing the appropriate environment for computers (air conditioning, ventilation, cooling....) "On the first place with an arithmetic average (4.17) and a standard deviation (0.579) and a high degree, while paragraph (14) achieved the last place which states" the existence of alternative energy sources in case of power failure " with an arithmetic average (2.97) and a standard deviation (0.568) and an average degree.
In this part of the study we review the test of hypotheses, where they were subjected to simple Regression analysis and the following results were reached:
Table 9 shows the results of the hypothesis test and the results were as follows:
| Table 9 Test Results of Hypotheses |
||||||||||||
| Hypothesis | R | R2 | Adj R2 | DF | F | F. Sig | B | Std. Error | T | T | T. Sig | HO |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| HO.1 | 0.522 | 0.27 | 0.27 | 1 | 37.8 | 0 | 0.47 | 0.08 | 6.2 | 1.981 | 0 | Refuse |
| HO.2 | 0.581 | 0.34 | 0.33 | 1 | 51.6 | 0 | 0.44 | 0.06 | 7.2 | 1.981 | 0 | Refuse |
| HO.3 | 0.673 | 0.45 | 0.45 | 1 | 83.5 | 0 | 0.7 | 0.08 | 9.1 | 1.981 | 0 | Refuse |
| HO.4 | 0.708 | 0.5 | 0.5 | 1 | 101 | 0 | 0.62 | 0.06 | 10 | 1.981 | 0 | Refuse |
| HO.5 | 0.659 | 0.43 | 0.43 | 1 | 77.5 | 0 | 0.78 | 0.09 | 8.8 | 1.981 | 0 | Refuse |
| HO.6 | 0.787 | 0.62 | 0.62 | 1 | 165 | 0 | 0.79 | 0.06 | 13 | 1.981 | 0 | Refuse |
| HO.7 | 0.554 | 0.31 | 0.3 | 1 | 44.8 | 0 | 0.48 | 0.07 | 6.7 | 1.981 | 0 | Refuse |
| HO.8 | 0.546 | 0.23 | 0.29 | 1 | 43 | 0 | 0.4 | 0.06 | 6.6 | 1.981 | 0 | Refuse |
The result of the test of the first hypothesis: it was found that there is a statistically significant role of internal audit in reducing the risk of entering AIS data, through the value of T and equal (6.155), which is greater than its tabular and moral value at the level of significance (α ≤ 0.05), and it is noted that the value of the correlation coefficient R=(52.2 The determination factor value (0.273=R2) indicates that the internal audit has accounted for (27.3%) of the variance in reducing the risk of entering AIS data.
The result of the second hypothesis test: the presence of a statistically significant role of external audit in reducing the risk of entering AIS data, through the value of T and equal (7.183), which is greater than its tabular and moral value at the level of significance (α ≤ 0.05), and note that the value of the correlation coefficient R=(58.1%) indicating The determination factor value (0.338=R2) indicates that external audit has accounted for (33.8%) of the variance in reducing the risk of entering AIS data.
The result of the third hypothesis test: it was found that there is a statistically significant role of internal audit in reducing the risk of the operation of AIS data, through the value of T and equal (9.139) which is greater than its tabular and moral value at the level of significance (α≤0.05), and note that the value of the correlation coefficient (R=67.3%). The determination factor value (0.453=R2) indicates that the internal audit has accounted for (45.3%) of the variance in the risk reduction of the operation of AIS data.
Test result of the fourth hypothesis: a statistically significant role of external audit in reducing the risk of the operation of AIS data, through the value of T and equal (10.063) which is greater than its tabular and moral value at the level of significance (α ≤ 0.05), and note that the value of the correlation coefficient (R=70.8%) indicating a strong determination factor value (0.501=R2) indicates that external audit has accounted for (50.1%) of the variance in the risk reduction of the operation of AIS data.
The result of the test of the fifth hypothesis: it was found that there is a statistically significant role of internal audit in reducing the risk of the output of the data of AIS, through the value of T and equal (8.803), which is greater than its tabular and moral value at the level of significance (α ≤ 0.05). The determination factor value (0.434=R2) indicates that the internal audit has accounted for (43.4%) of the variance in reducing the risk of AIS data output.
The result of the test of the sixth hypothesis: the presence of a statistically significant role of external audit in reducing the risk of the output of AIS data, through the value of T and equal (12.837), which is greater than its tabular and moral value at the level of significance (α ≤ 0.05), and note that the value of the correlation coefficient R=(78.7 The determination factor value (0.620=R2) indicates that external audit has accounted for (62%) of the variance in reducing the risk of AIS data output.
The result of the test of the seventh hypothesis: the existence of a statistically significant role of internal audit in reducing the environmental risks of AIS, through the value of T and equal (6.690), which is greater than its tabular and moral value at the level of significance (α ≤ 0.05), and note that the value of the correlation coefficient R=(55.4%) indicating The determination factor value (0.307=R2) indicates that the internal audit has accounted for (30.7%) of the variance in reducing the environmental risk of AIS.
The result of the eighth hypothesis test: the existence of a statistically significant role of external audit in reducing the environmental risks of AIS, through the value of T and equal (6.558), which is greater than its tabular and moral value at the level of significance (α ≤ 0.05), and note that the value of the correlation coefficient R=(54.6%), indicating The determination factor value (0.229=R2) indicates that external audit has accounted for (22.9%) of the variance in reducing the environmental risks of AIS.
It was clarified in the study that the composition ratios affect the overall and directly on the input, operating, and output of information and data. On the contrary, the other courses have been applied to the background of influence in a positive or negative way and this is not a good decision for the reader and academic students. The title is broad and has many prospects where no research has reported the consideration of this research.
There has been much debate about the best way to measure reducing AIS and, in particular, the alignment or fit of the internal and external audit with AIS. Ismail and King (2005) considered only the role of auditing and found it very useful. Following these studies, this study also used the questionnaire to measure the alignment between AIS requirement and AIS capacity to reduce its risk and found it useful for identifying aligned and not aligned. Other studies will be needed to explore whether the questionnaire works well in similar situations and whether it might also be effective for other areas of study where fit or alignment is considered.
This study indicates that AIS varies greatly, is achievable by ACA and that alignment is linked to internal and external audit, owner/manager knowledge, and sources of advice. The study indicates that some small and medium-sized companies have built technical capacity over the years to meet the needs of the company. Importantly, the study indicates that there is no easy path to alignment. Simply engaging internal and external audit expertise such as consultants and vendors does not guarantee success. Other external sources of expertise such as government agencies and accounting firms combined with internal expertise appear to be more important than delegating all internal and external audit decisions to an external expert. Therefore, it is important that ACA learn from its use of internal and external audits so that opportunities can be recognized and initiatives that help internal and external audits support their information needs can be recognized and prioritized. This study found that the owner/manager's knowledge of sophisticated internal and external accounting and auditing was correlated with the ability to align AIS requirements with AIS capability. This indicates that owners/managers of small and medium-sized enterprises need to be familiar with financial and management accounting techniques to understand their accounting information needs, and at the same time familiarity with existing, new, and advanced technologies to generate the required information.
It is significant to note that this research was introductory in nature and thus subject to several limitations that can be addressed in future studies.
The first limitation relates to the sample bias that might affect the generalization of the results. The sample was selected from a list of internal and external auditors affiliated with the Jordanian Association of Certified Accountants, and thus cannot be generalized to all auditors. There are potential differences in the levels of auditors' sophistication and accounting information practices and thus AIS alignment among levels of internal and external auditors.
The second limitation of this research relates to the definition of the internal and external auditors affiliated with the Jordanian Association of Certified Accountants. While it is generally accepted that the number of employees could be used as a surrogate measure for firm size, expanding the definition to include the sales or revenue of the firms may produce different findings.
The third limitation of this study relates to the possible limitation of the time trend extrapolation method. While the response rate of 72% is considered excellent in the context of internal and external auditors and the findings of the time trend extrapolation also suggest that the respondents’ characteristics are similar across the time that they choose to respond, this method also presumes that this trend carries toward to the non-respondents.
Having used both theoretical and empirical basis sufficiently to further develop insights into the roles of internal and external audit in reducing the risk of AIS, and using empirical information as a support base, it can therefore be concluded that both internal and external audit has an important role to play in reducing the risk of AIS. It can also be concluded from this study that internal and external audit roles play roles in reducing the risk of AIS and are largely necessary for the proper functioning of enterprises and companies. Therefore, roles for internal and external auditing can be identified as tools for control, detection, deterrence, and insight. Thus, for the proper functioning of AIS, there should be adequate results competent, a mandate, objective and competent staff, support, regular standards for internal and external auditing, and organizational independence.
After reviewing the results of the study, we can come up with a set of recommendations: