Board committees and non-financial information assurance services

The objective of this study is to examine the role that the specialized committees, created within the board of directors, and the auditor play in relation to the hiring of a non-financial information assurance service and in relation to the choices of the assurance provider for such non-financial information. Specifically, this study analyses the effect of the independence and specialisation of the audit committee, the existence of a CSR committee, and the reputation of the financial auditor associated with its classification as Big4. The results indicate that those responsible for financial information do not show interest in contracting an assurance service, especially if it is realized by an accountant provider, except that the information is standardised according to the Global Reporting Initiative guidelines and the contracted service is comparable to the financial audit standards, has assurance for a reasonable/high level, and is carried out according to the ISAE3000 standard.

Enhanced Information Systems Success Model for Patient Information Assurance

The current health information systems have many challenges such as lack of standard user interfaces, data security and privacy issues, inability to uniquely identify patients across multiple hospital information systems, probable misuse of patient data, high technological costs, resistance to technology deployments in hospital management, lack of data gathering, processing and analysis standardization. All these challenges, among others hamper either the acceptance of the health information systems, operational efficiency or expose patient information to cyber attacks. In this paper, an enhanced information systems success model for patient information assurance is developed using an amalgamation of Technology Acceptance Model (TAM) and Information Systems Success Model (ISS). This involved the usage of Linear Structured Relationship (LISREL) software to model a combination of ISS and Intention to Use (ITU), TAM and ITU, ISS and user satisfaction (US), and finally TAM and US. The sample size of 110 respondents was obtained based on the total population of 221 using the Conhrans formula. Thereafter, simple random sampling was employed to select members within each category of employees to take part in the study. The questionnaire as a research tool was checked for reliability via Cronbach’s Alpha. The results obtained showed that for ISS and ITU modeling, only perceived ease of use, system features, response time, flexibility, timeliness, accuracy, responsiveness and user training positively influenced the intention to use. However, for the TAM and ITU modeling, only TAM’s measures such as timely information, efficiency, increased transparency, and proper patient identification had a positive effect on intension to use. The ISS and US modeling revealed that perceived ease of use had the greatest impact on user satisfaction while response time had the least effect on user satisfaction. On its part, the TAM and US modeling showed that timely information, effectiveness, consistency, enhanced communication, and proper patients identification had a positive influence on user satisfaction.

The United States Motivation in Having Cyber Security Cooperation With China

The United States and China had conducted cyber cooperation since 2011. But in 2013, both states were involved in the cyber conflict that made the previous cyber collaboration had been ineffective. After that, in 2015, both states agreed to re-form cyber cooperation. This study aims to analyse the United States' motivation in conducting cyber partnerships with China using the cybersecurity concept. This research has discovered at the national level, the United States tried to achieve its information assurance through cyber defence strategy by strengthening collaboration. On the other hand, at the international level, norm construction through bilateral collaboration has made the United States become an impactful actor in international cybersecurity.

Enhancing Security in Internet of Things Environment by Developing an Authentication Mechanism using COAP Protocol

Internet of Things (IoT) has a huge attention recently due to its new emergence, benefits, and contribution to improving the quality of human lives. Securing IoT poses an open area of research, as it is the base of allowing people to use the technology and embrace this development in their daily activities. Authentication is one of the influencing security element of Information Assurance (IA), which includes confidentiality, integrity, and availability, non repudiation, and authentication. Therefore, there is a need to enhance security in the current authentication mechanisms. In this report, some of the authentication mechanisms proposed in recent years have been presented and reviewed. Specifically, the study focuses on enhancement of security in CoAP protocol due to its relevance to the characteristics of IoT devices and its need to enhance its security by using the symmetric key with biometric features in the authentication. This study will help in providing secure authentication technology for IoT data, device, and users.

Conflictos de auditoría: estudio y análisis de las presiones y los dilemas éticos de los auditores en las principales firmas de la ciudad de Cartagena.

Este artículo presenta los resultados del estudio y análisis de las presiones y los dilemas éticos que enfrentan los contadores públicos, en calidad de auditores o revisores fiscales en la ciudad de Cartagena. De igual manera, el presente trabajo explora el impacto de las presiones que enfrentan los auditores o revisores fiscales de las firmas en este lugar y cómo éstas afectan la objetividad e independencia en los informes o dictámenes; al mismo tiempo se hace un análisis de cómo actúan frente a las presiones y los dilemas éticos que viven al desarrollar su labor. Para dar alcance a estos objetivos, se realizó una encuesta a 39 profesionales; de tal manera, con la que se busca analizar las presiones y los dilemas éticos afrontados por los auditores de las principales firmas de auditoría de la ciudad de Cartagena, quienes en su ejercicio pueden ser vulnerables en los aspectos éticos y morales a partir de las exigencias del contexto donde se desempeñan. Este estudio cobra relevancia teniendo en cuenta que en Colombia se realizó una articulación del sistema contable nacional con las exigencias internacionales a partir de la expedición de la Ley 1314 de 2009, incluyendo el aseguramiento de la información; por lo que la inclusión de la auditoría con un marco normativo más robusto y el código de ética de la International Federation of Accountants (IFAC), exigen a los profesionales un actuar con responsabilidad social. Abstract This article presents the results of a study and analysis of pressure and ethical dilemmas public accountants face as appointed auditors or as statuary auditors in the City of Cartagena. In like manner, this document addresses the impact of the pressure auditors or statuary auditors face in firms in this city and how these affect their objectivity and independence in their reports or rulings; simultaneously, an analysis is performed on how they behave while facing pressure and ethical dilemmas that they confront while carrying out their work. To reach these objectives, a questionnaire was applied to 40 professionals; in such a way that this investigation aims to analyze the pressure and ethical dilemmas which auditors from the main firms confront in the City of Cartegena, who, during their practice, may experience a violation of ethical and moral aspects based on the demands from the context where they perform their duties. This study takes on special relevance considering that Colombia has established a joint articulation between its national accounting system and with international requirements since the issuance of Law 1314 of 2009, including information assurance; Therefore, the inclusion of auditing with a more robust regulatory framework and the Code of Ethics of the International Federation of Accountants (IFAC), require professionals to act with social responsibility.

Conflictos de auditoría: estudio y análisis de las presiones y los dilemas éticos de los auditores en las principales firmas de la ciudad de Cartagena.

Este artículo presenta los resultados del estudio y análisis de las presiones y los dilemas éticos que enfrentan los contadores públicos, en calidad de auditores o revisores fiscales en la ciudad de Cartagena. De igual manera, el presente trabajo explora el impacto de las presiones que enfrentan los auditores o revisores fiscales de las firmas en este lugar y cómo éstas afectan la objetividad e independencia en los informes o dictámenes; al mismo tiempo se hace un análisis de cómo actúan frente a las presiones y los dilemas éticos que viven al desarrollar su labor. Para dar alcance a estos objetivos, se realizó una encuesta a 39 profesionales; de tal manera, con la que se busca analizar las presiones y los dilemas éticos afrontados por los auditores de las principales firmas de auditoría de la ciudad de Cartagena, quienes en su ejercicio pueden ser vulnerables en los aspectos éticos y morales a partir de las exigencias del contexto donde se desempeñan. Este estudio cobra relevancia teniendo en cuenta que en Colombia se realizó una articulación del sistema contable nacional con las exigencias internacionales a partir de la expedición de la Ley 1314 de 2009, incluyendo el aseguramiento de la información; por lo que la inclusión de la auditoría con un marco normativo más robusto y el código de ética de la International Federation of Accountants (IFAC), exigen a los profesionales un actuar con responsabilidad social. Abstract This article presents the results of a study and analysis of pressure and ethical dilemmas public accountants face as appointed auditors or as statuary auditors in the City of Cartagena. In like manner, this document addresses the impact of the pressure auditors or statuary auditors face in firms in this city and how these affect their objectivity and independence in their reports or rulings; simultaneously, an analysis is performed on how they behave while facing pressure and ethical dilemmas that they confront while carrying out their work. To reach these objectives, a questionnaire was applied to 40 professionals; in such a way that this investigation aims to analyze the pressure and ethical dilemmas which auditors from the main firms confront in the City of Cartegena, who, during their practice, may experience a violation of ethical and moral aspects based on the demands from the context where they perform their duties. This study takes on special relevance considering that Colombia has established a joint articulation between its national accounting system and with international requirements since the issuance of Law 1314 of 2009, including information assurance; Therefore, the inclusion of auditing with a more robust regulatory framework and the Code of Ethics of the International Federation of Accountants (IFAC), require professionals to act with social responsibility.

A HIPAA Security and Privacy Compliance Audit and Risk Assessment Mitigation Approach

Data breaches have a profound effect on businesses associated with industries like the US healthcare system. This task extends more pressure on healthcare providers as they continue to gain unprecedented access to patient data, as the US healthcare system integrates further into the digital realm. Pressure has also led to the creation of the Health Insurance Portability and Accountability Act, Omnibus Rule, and Health Information Technology for Economic and Clinical Health laws. The Defense Information Systems Agency also develops and maintains security technical implementation guides that are consistent with DoD cybersecurity policies, standards, architectures, security controls, and validation procedures. The objective is to design a network (physician's office) in order to meet the complexity standards and unpredictable measures posed by attackers. Additionally, the network must adhere to HIPAA security and privacy requirements required by law. Successful implantation of network design will articulate comprehension requirements of information assurance security and control.

Developing an Instrument to Measure Information Assurance Implementation for eGovernment using Goal Question Metric Approach

The eGovernment initiative is aimed to improve government services to the public by improving the quality and availability of services that can be accessed regardless of time and place. Consequently, the services must always be available at any time, and any threat to the information and systems should receive attention to ensure business continuity in the event of an incident. Therefore, in implementing eGovernment, information assurance (IA) must be considered. To determine the extent to which IA implementation status to protect eGovernment services in Indonesia, it is necessary to measure the implementation using an instrument. The measurement instrument was developed using the Goal Question Metric (GQM) approach. The developed instrument was then used in a case study to test its effectiveness in measuring the IA implementation. From the results of the case study, it can be concluded that the IA measurement instrument for eGovernment was proven to be effective within Indonesian context.

Assurance on non-financial reporting: theoretical underpinning, standards and practices of companies operating in Western and Eastern Europe

Objective: The paper presents the issue of non-financial information assurance and identifies the practices of companies operating in Europe in this regard. Methodology/research approach: The research is based on a literature review and analysis of a sample of 935 companies whose non-financial reports, prepared according to the GRI guidelines, are available from the GRI Sustainability Disclosure Database. In particular, we analyze how many companies had their non-financial information verified in 2017 and their previous practice in this regard (since 2005), as well as their structure according to the assuror type, the assurance standard used, the engagement type, and the assurance scope. Findings: Nearly half of the companies had their non-financial information independently and externally verified, including 34 Eastern European companies (30%) and 426 from Western Europe (52%). Most of the entities which provide assurance are so-called Big Four audit companies, mainly Deloitte and E&Y, which use the ISAE 3000 standard for this purpose. The most common engagement type is limited engagement. Limitations: The study is descriptive, which results from the nature of the data collected and the large disparity between companies using assurance in Western and Eastern Europe. Originality/value: The Article broadens accounting knowledge, in particular, on non-financial reporting. It indicates the need to take steps towards the wider use of non-financial information assurance in Eastern Europe.