Evaluating the security controls of CAIS in developing countries: an empirical investigation
Abstract
Purpose
This paper aims to examine the existence and adequacy of implemented computerized accounting information system (CAIS) security controls to prevent, detect and correct security breaches in Saudi organization.
Design/methodology/approach
The first part of the paper introduces and discusses the literature review concerned with the CAIS security controls. The current paper introduces and discusses the main results of the empirical investigation. An empirical survey using self‐administered questionnaire, was carried out to achieve this purpose. A total of 500 questionnaires were distributed on a random sample of Saudi organizations. Of them, 275 valid, usable questionnaires were collected and analyzed.
Findings
The results of the study highlight a number of inadequately implemented CAIS security controls, and some suggestions and recommendations are introduced to strengthen the weak points and to close the loopholes in the present CAIS security controls in Saudi organizations.
Practical implications
From a practical standpoint, mangers, auditors, IT users and practitioners alike stand to gain from the findings of this study.
Originality/value
The results presented in the paper help enable managers, auditors, IT users and practitioners to better understand and secure their CAIS and to champion IT development for the success of their businesses.
Keywords
Citation
Abu‐Musa, A.A. (2007), "Evaluating the security controls of CAIS in developing countries: an empirical investigation", Information Management & Computer Security, Vol. 15 No. 2, pp. 128-148. https://doi.org/10.1108/09685220710748038
Publisher
:Emerald Group Publishing Limited
Copyright © 2007, Emerald Group Publishing Limited