Search results

The technical feasibility of using Benford's law to assist internal auditors in reviewing the integrity of high-volume data sets is analysed. This study explores whether Benford's distribution applies to the set of numbers represented by the quantity of records (size) that comprise the different tables that make up a state-owned enterprise's (SOE) enterprise resource planning (ERP) relational database. The use of Benford's law streamlines the search for possible abnormalities within the ERP system's data set, increasing the ability of the internal audit functions (IAFs) to detect anomalies within the database. In the SOEs of emerging economies, where groups compete for power and resources, internal auditors are better off employing analytical tests to discharge their duties without getting involved in power struggles.

Records of eight databases of an SOE in Argentina are used to analyse the number of records of each table in periods of three to 12 years. The case develops step-by-step Benford's law application to test each ERP module records using Chi-squared (χ²) and mean absolute deviation (MAD) goodness-of-fit tests.

Benford's law is an adequate tool for performing integrity tests of high-volume databases. A minimum of 350 tables within each database are required for the MAD test to be effective; this threshold is higher than the 67 reported by earlier researches. Robust results are obtained for the complete ERP system and for large modules; modules with less than 350 tables show low conformity with Benford's law.

This study is not about detecting fraud; it aims to help internal auditors red flag databases that will need further attention, making the most out of available limited resources in SOEs. The contribution is a simple, cheap and useful quantitative tool that can be employed by internal auditors in emerging economies to perform the first scan of the data contained in relational databases.

This paper provides a tool to test whether large amounts of data behave as expected, and if not, they can be pinpointed for future investigation. It offers tests and explanations on the tool's application so that internal auditors of SOEs in emerging economies can use it, particularly those that face divergent expectations from antagonist powerful interest groups.

This study demonstrates that even in the context of limited information technology tools available for internal auditors, there are simple and inexpensive tests to review the integrity of high-volume databases. It also extends the literature on high-volume database integrity tests and our knowledge of the IAF in Civil law countries, particularly emerging economies in Latin America.

Group reporting, a form of cooperative learning, is a learning tool often employed in residential teaching to facilitate quality learning. Like other cooperative learning methods, it enhances learning in classrooms by allowing students work on activities in small groups to receive rewards based on their group’s performance. However, though group reporting is often done in face-to-face settings, few up-to-date literature has shown its application in online learning. Moreover, the question as to whether online cooperative learning through group reports yields positive or negative response from students has to be studied further. The paper aims to discuss these issues.

This study focuses on the students’ response to the group reporting activity carried throughout one semester. A course offered by the University of the Philippines Open University on database management systems made use of group reporting to add to the students’ learning experience. Group meetings along with regular online lectures were carried out during the first half of the semester. The output group reports were then presented during the second half and served as the main resource for those weeks’ study modules. An online survey with Likert scales drawing out the student reactions on the learning activity impact was administered to volunteer respondents at the end of classes.

In total, 71.9 percent of 32 respondents observed changes in their behavior after using peer and cooperative learning technologies. The respondents also indicated that they enjoyed the group reporting activity (14 agreeing strongly, 14 agreeing moderately). They also indicated that they were motivated to learn the course through the group reports (8 agreeing strongly, 14 agreeing moderately). However, when asked if they preferred to have all the modules in group report format 9 agreed moderately, 8 disagreed moderately, 7 disagreed strongly, 4 agreed strongly, and 4 neither agreed nor disagreed. Still, overall, online cooperative learning facilitated quality learning based on this study’s results.

This study contributes to the body of knowledge by showing how group reporting can be applied online and how students have responded to it. The study also provides recommendations on how to conduct online cooperative learning in order to enhance the quality of courses, with implications for further research to look into variations with respect to the technology used for reporting and its suitability to a given course.

In further conceptualizing a novel generative knowledge management system (KM/KMS), this paper aims to focus on identifying and mitigating the risks related to its envisaged scaling from a prototype to an application with a rapidly growing user base.

It follows up on prior publications using design science research (DSR) methodologies in compliance with theory effectiveness, a principle expecting system designs to be purposeful in terms of utility and communication. The KMS perspective taken prioritizes a decentralizing agenda benefiting knowledge workers while also aiming to foster a fruitful co-evolution with conventional organizational KM approaches.

The utilization and further extension of the CKDT and a “scalable innovation” heuristic are assisting the detecting of potential scaling risks related to the logics and logistics, generative interoperability, technological capacitating, knowledge dynamics and value chain which further validates the viability of the proposed KM concept and system.

Although the prototype development is still in progress, the paper conforms to the DSR practice to report on early visions of technology impact on users, organizations and society but also reflects on expectations of viability, desirability and commitment, as well as the system’s prospect as a general-purpose-technology or disruptive innovation.

In addition to the novel KM-related perspectives, the paper’s practical emphasis on the scaling of more complex systems is rarely dealt with in the literature due to the respective projects’ often large-scale collaborative nature, broad methodological scope and diverse stakeholders’ interests. In this case, the task is eased as prior DSR outputs can be referred to.

The aim of this paper is to identify some of the challenges that need to be addressed to accelerate the deployment and adoption of smart health technologies for ubiquitous healthcare access. The paper also explores how internet of things (IoT) and big data technologies can be combined with smart health to provide better healthcare solutions.

The authors reviewed the literature to identify the challenges which have slowed down the deployment and adoption of smart health.

The authors discussed how IoT and big data technologies can be integrated with smart health to address some of the challenges to improve health-care availability, access and costs.

The results of this paper will help health-care designers, professionals and researchers design better health-care information systems.

This study assesses the prevalence of accidental falls in Thailand's older adult population and the contingent influences surrounding this prevalence.

Data were drawn from the Cross-Sectional National Surveys of Older Persons in Thailand, pooling of four survey datasets which took place in 2007, 2011, 2014 and 2017. Stratified two-stage sampling was employed. Interviews were conducted with sample sizes of 11,370, 11,061, 13,775 and 12,457 senior citizens, aged 60 and above, in the respective survey years. Further investigation was conducted on subjects who reported to be of good health and without any disability, yet experienced accidental falls. The prevalence of accidental falls was examined, and variable aspects concerning fall risk were assessed with probability-weighted multiple logistic regression.

The average prevalence of accidental falls from the four surveys was 4.7%. Significant risk factors identified were advanced age, being female, living in a rural residence, having worked in the previous 7 days, lack of/excessive exercise, alcohol consumption, smoking and having an outdoor lavatory.

Accidental falls tend to increase among community-dwelling seniors aged 60 and above. Falls increase with age and are more common among the women in that demographic. Findings suggest the need for government and local agencies to consider tailoring some public health approaches to the prevention of accidental falls. This study also highlights the necessity of proper work environment maintenance to prevent these falls.

Authorization and access control have been a topic of research for several decades. However, existing definitions are inconsistent and even contradicting each other. Furthermore, there are numerous access control models and even more have recently evolved to conform with the challenging requirements of resource protection. That makes it hard to classify the models and decide for an appropriate one satisfying security needs. Therefore, this study aims to guide through the plenty of access control models in the current state of the art besides this opaque accumulation of terms meaning and how they are related.

This study follows the systematic literature review approach to investigate current research regarding access control models and illustrate the findings of the conducted review. To provide a detailed understanding of the topic, this study identified the need for an additional study on the terms related to the domain of authorization and access control.

The authors’ research results in this paper are the distinction between authorization and access control with respect to definition, strategies, and models in addition to the classification schema. This study provides a comprehensive overview of existing models and an analysis according to the proposed five classes of access control models.

Based on the authors’ definitions of authorization and access control along with their related terms, i.e. authorization strategy, model and policy as well as access control model and mechanism, this study gives an overview of authorization strategies and propose a classification of access control models providing examples for each category. In contrast to other comparative studies, this study discusses more access control models, including the conventional state-of-the-art models and novel ones. This study also summarizes each of the literature works after selecting the relevant ones focusing on the database system domain or providing a survey, a classification or evaluation criteria of access control models. Additionally, the introduced categories of models are analyzed with respect to various criteria that are partly selected from the standard access control system evaluation metrics by the National Institute of Standards and Technology.

Data protection requirements heavily increased due to the rising awareness of data security, legal requirements and technological developments. Today, NoSQL databases are increasingly used in security-critical domains. Current survey works on databases and data security only consider authorization and access control in a very general way and do not regard most of today’s sophisticated requirements. Accordingly, the purpose of this paper is to discuss authorization and access control for relational and NoSQL database models in detail with respect to requirements and current state of the art.

This paper follows a systematic literature review approach to study authorization and access control for different database models. Starting with a research on survey works on authorization and access control in databases, the study continues with the identification and definition of advanced authorization and access control requirements, which are generally applicable to any database model. This paper then discusses and compares current database models based on these requirements.

As no survey works consider requirements for authorization and access control in different database models so far, the authors define their requirements. Furthermore, the authors discuss the current state of the art for the relational, key-value, column-oriented, document-based and graph database models in comparison to the defined requirements.

This paper focuses on authorization and access control for various database models, not concrete products. This paper identifies today’s sophisticated – yet general – requirements from the literature and compares them with research results and access control features of current products for the relational and NoSQL database models.

This study aims at investigating the extent of SysTrust’s framework (principles and criteria) as an internal control approach for assuring the reliability of accounting information system (AIS) were being implemented in Jordanian business organizations.

The study is based on primary data collected through a structured questionnaire from 239 out of 328 shareholdings companies. The survey units were the shareholding companies in Jordan, and the single key respondents approach was adopted. The extents of SysTrust principles were also measured. Previously validated instruments were used where required. The data were analysed using t-test and ANOVA.

The results indicated that the extent of SysTrust being implemented could be considered to be moderate at this stage. This implies that there are some variations among business organizations in terms of their level of implementing of SysTrust principles and criteria. The results also showed that the extent of SysTrust principles being implemented was varied among business organizations based on their business sector. However, there were not found varied due to their size of business and a length of time in business (experience).

This study is only conducted in Jordan as a developing country. Although Jordan is a valid indicator of prevalent factors in the wider MENA region and developing countries, the lack of external validity of this research means that any generalization of the research findings should be made with caution. Future research can be orientated to other national and cultural settings and compared with the results of this study.

The study provides evidence of the need for management to recognize the importance of the implementation of SysTrust principles and criteria as an internal control for assuring the reliability of AIS within their organizations and be aware which of these principles are appropriate to their size and industry sector.

The findings would be valuable for academic researchers, managers and professional accounting to acquire a better undemanding of the current status of the implementation of the SysTrust principles (i.e., availability, security, integrity processing, confidentiality, and privacy) as an internal control method for assuring the reliability of AIS by testing the phenomenon in Jordan as a developing country.

The dependence on the use of information systems for nearly every activity and functions in the internet is increasingly high. This form of interconnectedness has bolstered national economies, enhanced how governments interact with their citizens and how ordinary people connect with friends and family. However, this dependence has equally resulted to a high rise in vulnerability, threat and risk associated with more use of information and communication technology. Cyber-attacks that have the potential to disrupt or damage information system infrastructure are getting more complex with some level of sophistication. Traditional protection of information system infrastructure is no longer sufficient; systems have proven to be immune to failure or incidents. This paper aims to ensure that there is a continuous availability of services through a fail-safe proof.

MYSQL replication technique was used to develop a model based on three-tier layers using the principle of network interdependency and the replication techniques. Tier 1 depicts a Telecom organization serving as service provider that provides internet service to Tier 2 organization – a Bank; Tier 3 is the financial App that can be used by bank staff and customers. The fail-safe mode integrated mechanism enables Tier 3 to continue to render its services in the event of an attack on Tier 1 such as DDoS without disruption.

This technique succeeded in mitigating the loss of data if cyber incident occurred or reception of uninterrupted services is countered, which give rise to future master-to-master architecture.

The study conducted is limited to the design and development of a fail-safe system for interdependent networks or systems using MYSQL replication technique.

In an interdependent environment such as the cyberspace, the sectors are interdependent for optimal results. The originality of the work ensures that there is availability of services which is sustained and that data integrity is assured using the fail-safe technique based on MySQL replication method.

To improve the academic integrity of online examinations, digital proctoring systems have recently been implemented in higher education institutions (HEIs). The paper aims to understand how digital proctoring has been practised in higher education (HE) and proposes future research directions for studying digital proctoring in HE.

A systematic literature review was conducted. The PRISMA procedure was adapted for the literature search. The topics were identified by topic modelling techniques from 154 relevant publications in seven databases.

Seven widely discussed topics in literature were identified, including solutions for detecting cheating and student authentication, challenges/issues of uptakes and students' performance in different proctoring environments.

This paper provides insights for academics, policymakers, practitioners and students to understand the implementation of digital proctoring in academia, its adoption by HEIs, impacts on students' and educators' performance and the rapid increase in its use for digital exams in HEIs, with particular emphasis on the impacts of the systems on digitalising examinations in HE.

This review paper has systematically and critically described the state-of-the-art literature on digital proctoring in HE and provides useful insights and implications for future research on digital proctoring, and how academic integrity in online examinations can be enhanced, along with digitalising HE.