Search results

Ambient service provisioning with the least human participation in a pervasive computing environment, which is composed of interconnected devices and sensors, raises several trust and security issues. Accurate measuring of the integrity of the nodes that are willing to interact in this intimate environment can boost the trust evolution process, particularly in the uncertainty state and initiation phase. The paper aims to discuss these issues.

The paper presents a unified approach in calculating the trust value among the nodes by leveraging some trusted computing functionalities. The approach aggregates different trust metrics like context, recommendation, and history to compute the trust index of each party more accurately. The paper also describes several existing remote attestation techniques including the chosen attestation technique for the model. The paper simulated the behaviour of the model in different scenarios and evaluates its responsiveness when the trustworthiness among peer nodes can be attested.

The results obtained from different simulated scenarios demonstrate the usefulness of the proposed model. It is shown that trust evaluation process in the proposed model is very granular and also can be fine-tuned according to the application and context. The model strength in solving the uncertain situations and assigning appropriate initial trust values is shown, as well. Finally, the paper describes the future research plan to evaluate the accuracy of the model.

The novel idea of applying remote attestation in trust determination may open up new avenues of research in the study of trust management and trust models.

The purpose of this study is to examine the value of auditor attestation in internal control over financial reporting (ICFR) disclosures. The authors argue that internal control material weakness (ICMW) disclosures issued without auditor attestation by non-accelerated filers provide weaker signal to the impaired financial reporting quality compared to those issued with auditor attestation by accelerated filers.

This study investigates the differences in the association between ICMW disclosures and impaired financial reporting quality, as proxied by financial statement restatements, for accelerated and non-accelerated filers. The authors use propensity score matching to find control groups for both accelerated and non-accelerated filers.

The authors find that ICMW disclosures signal impaired financial reporting quality for both accelerated and non-accelerated filers, but such signaling is weaker for non-accelerated filers compared to accelerated filers.

Although propensity score matching was used to match firms with and without ICMW disclosures, any unobservable fundamental differences between these groups may affect the results of this study.

This study shows that auditors’ involvement in the assessment of internal control effectiveness improves the signaling effect of ICMW disclosures on impaired financial reporting quality. As approved by the House Financial Services (HFS) Committee on November 4, 2009, non-accelerated filers are permanently exempt from auditor attestation requirement. This study provides some evidence that the exemption of non-accelerated filers from auditor attestation may have unintended consequences, and these results should be of interest to regulators and investors.

The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously.

An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected.

Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained.

A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).

The purpose of this study is to examine the impact of public accounting firms' mix of service revenue on their average productivity measured by total revenue per partner.

Using data from Public Accounting Report on top public accounting firms by revenue, an OLS regression model is applied by regressing revenue per partner on the percentage of revenue generated from auditing and attest, tax, management consulting, and other services independently.

Results show that the proportion of auditing and attest service revenue is negatively associated with public accounting firms' productivity. However, the proportion of other services revenue, other than tax and management consulting services, is positively associated with productivity. Additional investigation shows that if public accounting firms provide other services in their mix of services, then tax and management consulting services do not contribute to these public accounting firms' productivity.

Results of this study cannot be generalized beyond the top 100 public accounting firms, and the measurement of revenue per partner ignores the exact number of partners within different service areas.

Although auditing and attest services are considered core services of public accounting firms, they do not increase the productivity of the firm.

This study helps in assessing whether average productivity of public accounting firms is affected by the proportion of a specific type of service in the post‐SOX era.

This study empirically examines perceptions of environmental report believability based on a firm's relative performance and level of assurance obtained on environmental activities under the recently clarified and recodified attestation standards in the United States.

The paper uses a 2 × 3 between-subjects experiment to identify differences in 153 non-expert environmental report users' perceptions of report believability based on positive or negative firm performance and (level of) assurance provided by an accounting firm.

Results show a main effect in that negative performance reports are perceived to be more believable than positive performance reports, as driven by negative performance reports being significantly more believable when no assurance is present. The firm performance effect is eliminated once limited or reasonable assurance is provided. Further, positive performance reports with limited, but not reasonable, assurance are perceived to be more believable than reports without assurance. No differences are identified within the negative performance condition.

Limited assurance might be used as an impression management tool to enhance the believability of positive performance environmental reports. Users, practitioners, and standard-setters should also be aware that users might believe environmental reports are assured, even when no such assurance has been provided.

This paper examines the impact of assured environmental reporting on users that review firms' environmental reports outside of a shareholder/investor role. The study also demonstrates conditions in which firm performance and assurance impact perceptions of report believability.

The purpose of this study is to examine the change in audit fees for US‐listed foreign firms in their first year of providing Section 404 auditor attestation reports for fiscal years ending between July 15, 2006 and July 14, 2007.

During the sampling time period, foreign large accelerated filers had to provide both auditor and management Section 404 reports while the foreign accelerated filers only had to provide management Section 404 reports without the auditor attestation reports. Foreign non‐accelerated filers did not have to provide any Section 404 report. This research design and sample allows the authors to control for the general market‐wide increases in audit fees. The paper examines the annual change in audit fees from the preceding year to the first year of Section 404 compliance.

It is found that foreign large accelerated filers have an average increase of 74 percent in audit fees in this first year of Section 404 compliance, while the foreign accelerated filers and non‐accelerated filers only have increases in audit fees of 33 percent and 42 percent, respectively. Since this research design and sample allow the authors to control for the general market‐wide increases in audit fees, the authors are able to conclude that foreign large accelerated filers incurred, on average, a 30 percent increase in audit fees just to comply with Section 404. It is also found that the increase in audit fees among foreign large accelerated filers is negatively associated with the strength of their home countries' legal environment.

Arguably, Section 404 is perhaps the most controversial aspect of Sarbanes‐Oxley Act due to its high audit fees. The results of this study would provide interesting findings to regulators and researchers.

This paper seeks to discuss the effect that the Sarbanes‐Oxley Act (SOA) had on both the nature of the external audit function and overall audit quality. Additionally, it aims to discuss how audit firms maneuvered through the newly regulated environment, and what their strategic actions are for the future.

This discussion is based on interviews conducted with auditors from nine public accounting firms located in Northeast Ohio, United States of America. The sample consisted of five national and four regional firms, and the interviewees included mostly partners and a few senior managers.

The increased oversight and workload resulting from the SOA requirements has changed the nature of the external audit function to more compliance type work, and the environment has created much anxiety for the auditors. The new reform has significantly impacted the audit environment in terms of: scope of services; client assessment procedures; management and audit committee relationships with the external auditor; audit firm personnel management; and the long‐term outlook of the profession. The details of these impacts are discussed throughout the paper.

This paper provides detailed insight as to how the SOA impacted the audit profession. Hopefully, such an understanding will benefit future research in measuring the costs and benefits of the new reform. Lastly, a future research showed further examine the effect that the SOA has had on overall audit quality.

This paper summarizes the insightful comments obtained in structured interviews with several leading audit professionals. The sample was judged to be highly knowledgeable of the changing audit environment caused by the SOA. With an improved understanding of its impacts, regulators, practitioners, and academics can better assess the effectiveness of the SOA.

This paper aims to explore the relationship between market share and performance of large accounting firms. It also investigates whether the performance of international accounting firms is better than that of non-international accounting firms.

This paper divides the empirical analysis into two stages. The first stage constructs a multiple regression model to explore the relationship between market share, international operations and the performance of large accounting firms. The second stage uses the Tobit regression model to identify the determinants of market share of international accounting firms.

Empirical results show that there is a significant, positive relationship between market share and performance, and that the performance of international accounting firms is better than that of non-international accounting firms. Second, from the perspective of business characteristics, the scope of the most international accounting firms is traditional auditing services; namely financial attestation and tax business services.

From the clients' viewpoint, market share is one of the key indices in determining the quality of the accounting firms' service.

As the market for auditing services in Taiwan is saturated, in the future, the accounting industry will be concerned with non-auditing services. It is suggested that the large accounting firms could follow the demand changes of their clients: employ professionals in various fields to provide specialized services, adjust the range of transnational and management consultant services, and operate management consultant services more aggressively. These measures would have advantages in a fiercely competitive market.

This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.

An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.

Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.

A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.

Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.

This paper aims to examine, through the lens of language expectancy theory (LET), how sustainability assurors use optimism and certainty in possible persuasion attempts. The paper also explores a number of explanatory variables that could offer insights into the use of these verbal tones in sustainability assurance reports.

First, the paper relies on DICTION standard normalised optimism and certainty ranges in conjunction with descriptive statistics to analyse how sustainability assurors use optimism and certainty. Second, the paper uses quantile regression with robust standard errors to investigate the association between the measures of verbal tone used in this study and several possible explanatory variables.

Consistent with LET, the study documents that sustainability assurors exercise caution in using both certainty and optimism in persuasion attempts. The paper also finds that possible explanatory variables significantly associated with optimism include praise, assurance level, legal system and report location. However, reference to sustainability management control (SMC), status of assurance providers, praise, legal system and financial performance appear to explain the use of certainty.

The paper does not, at this stage, claim causality between the two measures of verbal tone, on the one hand, and the possible explanatory variables explored, on the other hand. It rather reports their possible associations. Furthermore, the study only measures reference to management control system and not reliance on it.

The main findings of this study imply that the use of optimism and certainty exhibits likely cautious practice by assurors. Nevertheless, assurors are more likely to use certainty more flexibly and appear more discreet when using optimism.

The findings of this paper also indicate how societal expectations play an important role in ensuring cautious persuasive behaviour by sustainability assurors in using verbal tones within sustainability assurance statements. This suggests that stakeholders may place reliance on attestations expressed in these statements.

The paper represents the first attempt to test LET in sustainability accounting by analysing verbal tones used by sustainability assurance providers. It contributes to the sustainability assurance literature in that it empirically demonstrates how sustainability assurors, as expert communicators, use optimistic tone and verbal certainty in careful persuasion attempts.