Computerized Accounting Information Systems:
An Empirical Research Applied on Jordanian Banking Sector
Talal H. Hayale*
Husam A. Abu Khadra†
The objective of this study is to evaluate the level of Control Systems effectiveness in Computerized Accounting Information Systems (CAIS) that is implemented in the Jordanian banking sector to preserve confidentiality, integrity and availability of the bank's data and their CAIS.
An empirical survey using self-administrated questionnaire has been carried out to achieve the above-mentioned objectives. The study results reveal that Jordanian domestic banks are using effective fraud and error reduction controls. The study also reveals that these banks lack in the application of other Control System dimensions (Physical access, Logical access, Data security, Documentation standard, Disaster Recovery, Internet, communication and E-Control and Output security controls). The study’s main recommendation is for Jordanian domestic banks to increase the CAIS control system strength for all dimensions, in order to avoid any possible threats that could threaten their CAIS.
Keywords: AIS, computerised, control, effectiveness, evaluation, jordan
The Computerized Accounting Information Systems (CAIS) encounter serious security threats that may arise from the weakness of their Control Systems (CS) or from the nature of the competitive environment (Information Age) as the need for information is greater. At the same time, the very survival of organization depends on correct management, security and confidentiality of their information, Eduardo and Marino (2004). Where the information assets constitute a significant proportion of an entity’s market value (ITGI, 2001)
Consequently security threats related to CAIS require a great attention from auditors and accountants in order to be recognized and minimized by evaluating organization CS. (Greenstein and Vasarhelyi, 2000).
Many efforts herein appeared as increasing interest, especially by the auditors to evolve the audit model toward a more action-driven method of control, revision and assurance, Timothy et al, (1998). Several professional committees have undertaken this endeavor, even if it was late, such as AICPA that published SAS No.94‡ in 2001. However, these initiatives were in the form of general instructions, and nothing specific viewed to be considered as detailed guidance to the auditors in their work, Boynton (2001) & Kinusn Tam (2002).
In 2002 The Sarbanes-Oxley act calls for “real time” disclosure of information on material changes in the financial conditions or operations of publicly held companies. As a consequence, organizations are more concerned with timeliness and quality of financial performance information. Uday (2004). Accordingly, the responsibility has increased dramatically on the accounting profession, to quickly recognize and assess of the risks that are associated with Control Systems (CS) in the IT environment and define detailed security controls checklist to be obtained; because the technology in many cases developed faster than the advancement in CS, Ryan & Bordoloi (1997).
The objective of this paper is to evaluate Computerized Accounting Information Systems (CAIS) Control Systems (CS) in the Jordanian banking sector and to measure their effectiveness. This study also aims to identify whether there are significant differences among the respondents in the study sample (Internal Auditors and Heads of Computer Department (HOCD)) in respect of the effectiveness level of CS. While the issue of creating an overall effectiveness measurement to evaluate the CAIS Control System has received considerable research attention in North America and Europe, studies based on international experience, especially in developing countries, are relatively rare. We are unaware of any...