Paper Info
Title
Information Security Professionals' Perceptions About The Relationship Between The Information Security And Internal Audit Functions
Abstract
Internal auditors and information security professionals both play important roles in protecting an organization's assets. Indeed, there are potential synergistic benefits if they work together. The relationship between the two functions, however, is not always supportive. This paper presents the results of a survey of information security professionals' perceptions about the nature of the relationship between the information security and internal audit functions in their organization. We find that information security professionals' perceptions about the level of technical expertise possessed by internal auditors and the extent of internal audit review of information security are positively related to their assessment about the quality of the relationship between the two functions. We also find that the quality of the relationship between the internal audit and information security functions is positively associated with perceptions about the value provided by internal audit and, most important, with measures of overall effectiveness of the organization's information security endeavors. We discuss the implications of our findings for both research and practice.
Year
DOI
Venue
2013
10.2308/isys-50510
JOURNAL OF INFORMATION SYSTEMS
Keywords
Field
DocType
internal audit, information systems security, information security governance, perceptions, survey
Public relations,Computer science,Certified Information Security Manager,Information security,Knowledge management,Information security management,Joint audit,Internal audit,Information security audit,Security management,Information technology audit
Journal
Volume
Issue
ISSN
27
2
0888-7985
Citations 
PageRank 
References 
4
0.47
7
Authors
4
Name
Order
Citations
PageRank
Paul John Steinbart112513.17
Robyn L. Raschke21128.06
Graham Gal32413.68
William Dilla4696.50