Search results
1 – 10 of 575Hamed Khiabani, Norbik Bashah Idris and Jamalul-lail Ab Manan
Ambient service provisioning with the least human participation in a pervasive computing environment, which is composed of interconnected devices and sensors, raises several trust…
Abstract
Purpose
Ambient service provisioning with the least human participation in a pervasive computing environment, which is composed of interconnected devices and sensors, raises several trust and security issues. Accurate measuring of the integrity of the nodes that are willing to interact in this intimate environment can boost the trust evolution process, particularly in the uncertainty state and initiation phase. The paper aims to discuss these issues.
Design/methodology/approach
The paper presents a unified approach in calculating the trust value among the nodes by leveraging some trusted computing functionalities. The approach aggregates different trust metrics like context, recommendation, and history to compute the trust index of each party more accurately. The paper also describes several existing remote attestation techniques including the chosen attestation technique for the model. The paper simulated the behaviour of the model in different scenarios and evaluates its responsiveness when the trustworthiness among peer nodes can be attested.
Findings
The results obtained from different simulated scenarios demonstrate the usefulness of the proposed model. It is shown that trust evaluation process in the proposed model is very granular and also can be fine-tuned according to the application and context. The model strength in solving the uncertain situations and assigning appropriate initial trust values is shown, as well. Finally, the paper describes the future research plan to evaluate the accuracy of the model.
Originality/value
The novel idea of applying remote attestation in trust determination may open up new avenues of research in the study of trust management and trust models.
Details
Keywords
Binod Guragai and Paul D. Hutchison
The purpose of this study is to examine the value of auditor attestation in internal control over financial reporting (ICFR) disclosures. The authors argue that internal control…
Abstract
Purpose
The purpose of this study is to examine the value of auditor attestation in internal control over financial reporting (ICFR) disclosures. The authors argue that internal control material weakness (ICMW) disclosures issued without auditor attestation by non-accelerated filers provide weaker signal to the impaired financial reporting quality compared to those issued with auditor attestation by accelerated filers.
Design/methodology/approach
This study investigates the differences in the association between ICMW disclosures and impaired financial reporting quality, as proxied by financial statement restatements, for accelerated and non-accelerated filers. The authors use propensity score matching to find control groups for both accelerated and non-accelerated filers.
Findings
The authors find that ICMW disclosures signal impaired financial reporting quality for both accelerated and non-accelerated filers, but such signaling is weaker for non-accelerated filers compared to accelerated filers.
Research limitations/implications
Although propensity score matching was used to match firms with and without ICMW disclosures, any unobservable fundamental differences between these groups may affect the results of this study.
Originality/value
This study shows that auditors’ involvement in the assessment of internal control effectiveness improves the signaling effect of ICMW disclosures on impaired financial reporting quality. As approved by the House Financial Services (HFS) Committee on November 4, 2009, non-accelerated filers are permanently exempt from auditor attestation requirement. This study provides some evidence that the exemption of non-accelerated filers from auditor attestation may have unintended consequences, and these results should be of interest to regulators and investors.
Details
Keywords
Lamya Abdullah and Juan Quintero
The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a…
Abstract
Purpose
The purpose of this study is to propose an approach to avoid having to trust a single entity in cloud-based applications. In cloud computing, data processing is delegated to a remote party for efficiency and flexibility reasons. A practical user requirement usually is data privacy; hence, the confidentiality and integrity of data processing needs to be protected. In the common scenarios of cloud computing today, this can only be achieved by assuming that the remote party does not in any form act maliciously.
Design/methodology/approach
An approach that avoids having to trust a single entity is proposed. This approach is based on two concepts: the technical abstraction of sealed computation, i.e. a technical mechanism to confine a privacy-aware processing of data within a tamper-proof hardware container, and the role of an auditing party that itself cannot add functionality to the system but is able to check whether the system (including the mechanism for sealed computation) works as expected.
Findings
Discussion and analysis of the abstract, technical and procedural requirements of these concepts and how they can be applied in practice are explained.
Originality/value
A preliminary version of this paper was published in the proceedings of the second International Workshop on SECurity and Privacy Requirements Engineering (SECPRE, 2018).
Details
Keywords
Magdy S. Farag and Rafik Z. Elias
The purpose of this study is to examine the impact of public accounting firms' mix of service revenue on their average productivity measured by total revenue per partner.
Abstract
Purpose
The purpose of this study is to examine the impact of public accounting firms' mix of service revenue on their average productivity measured by total revenue per partner.
Design/methodology/approach
Using data from Public Accounting Report on top public accounting firms by revenue, an OLS regression model is applied by regressing revenue per partner on the percentage of revenue generated from auditing and attest, tax, management consulting, and other services independently.
Findings
Results show that the proportion of auditing and attest service revenue is negatively associated with public accounting firms' productivity. However, the proportion of other services revenue, other than tax and management consulting services, is positively associated with productivity. Additional investigation shows that if public accounting firms provide other services in their mix of services, then tax and management consulting services do not contribute to these public accounting firms' productivity.
Research limitations/implications
Results of this study cannot be generalized beyond the top 100 public accounting firms, and the measurement of revenue per partner ignores the exact number of partners within different service areas.
Practical implications
Although auditing and attest services are considered core services of public accounting firms, they do not increase the productivity of the firm.
Originality/value
This study helps in assessing whether average productivity of public accounting firms is affected by the proportion of a specific type of service in the post‐SOX era.
Details
Keywords
Mark D. Sheldon and J. Gregory Jenkins
This study empirically examines perceptions of environmental report believability based on a firm's relative performance and level of assurance obtained on environmental…
Abstract
Purpose
This study empirically examines perceptions of environmental report believability based on a firm's relative performance and level of assurance obtained on environmental activities under the recently clarified and recodified attestation standards in the United States.
Design/methodology/approach
The paper uses a 2 × 3 between-subjects experiment to identify differences in 153 non-expert environmental report users' perceptions of report believability based on positive or negative firm performance and (level of) assurance provided by an accounting firm.
Findings
Results show a main effect in that negative performance reports are perceived to be more believable than positive performance reports, as driven by negative performance reports being significantly more believable when no assurance is present. The firm performance effect is eliminated once limited or reasonable assurance is provided. Further, positive performance reports with limited, but not reasonable, assurance are perceived to be more believable than reports without assurance. No differences are identified within the negative performance condition.
Practical implications
Limited assurance might be used as an impression management tool to enhance the believability of positive performance environmental reports. Users, practitioners, and standard-setters should also be aware that users might believe environmental reports are assured, even when no such assurance has been provided.
Originality/value
This paper examines the impact of assured environmental reporting on users that review firms' environmental reports outside of a shareholder/investor role. The study also demonstrates conditions in which firm performance and assurance impact perceptions of report believability.
Details
Keywords
Kam C. Chan, Rudolph A. Jacob, Picheng Lee and Gim S. Seow
The purpose of this study is to examine the change in audit fees for US‐listed foreign firms in their first year of providing Section 404 auditor attestation reports for fiscal…
Abstract
Purpose
The purpose of this study is to examine the change in audit fees for US‐listed foreign firms in their first year of providing Section 404 auditor attestation reports for fiscal years ending between July 15, 2006 and July 14, 2007.
Design/methodology/approach
During the sampling time period, foreign large accelerated filers had to provide both auditor and management Section 404 reports while the foreign accelerated filers only had to provide management Section 404 reports without the auditor attestation reports. Foreign non‐accelerated filers did not have to provide any Section 404 report. This research design and sample allows the authors to control for the general market‐wide increases in audit fees. The paper examines the annual change in audit fees from the preceding year to the first year of Section 404 compliance.
Findings
It is found that foreign large accelerated filers have an average increase of 74 percent in audit fees in this first year of Section 404 compliance, while the foreign accelerated filers and non‐accelerated filers only have increases in audit fees of 33 percent and 42 percent, respectively. Since this research design and sample allow the authors to control for the general market‐wide increases in audit fees, the authors are able to conclude that foreign large accelerated filers incurred, on average, a 30 percent increase in audit fees just to comply with Section 404. It is also found that the increase in audit fees among foreign large accelerated filers is negatively associated with the strength of their home countries' legal environment.
Originality/value
Arguably, Section 404 is perhaps the most controversial aspect of Sarbanes‐Oxley Act due to its high audit fees. The results of this study would provide interesting findings to regulators and researchers.
Details
Keywords
Albert L. Nagy and William J. Cenker
This paper seeks to discuss the effect that the Sarbanes‐Oxley Act (SOA) had on both the nature of the external audit function and overall audit quality. Additionally, it aims to…
Abstract
Purpose
This paper seeks to discuss the effect that the Sarbanes‐Oxley Act (SOA) had on both the nature of the external audit function and overall audit quality. Additionally, it aims to discuss how audit firms maneuvered through the newly regulated environment, and what their strategic actions are for the future.
Design/methodology/approach
This discussion is based on interviews conducted with auditors from nine public accounting firms located in Northeast Ohio, United States of America. The sample consisted of five national and four regional firms, and the interviewees included mostly partners and a few senior managers.
Findings
The increased oversight and workload resulting from the SOA requirements has changed the nature of the external audit function to more compliance type work, and the environment has created much anxiety for the auditors. The new reform has significantly impacted the audit environment in terms of: scope of services; client assessment procedures; management and audit committee relationships with the external auditor; audit firm personnel management; and the long‐term outlook of the profession. The details of these impacts are discussed throughout the paper.
Research limitations/implications
This paper provides detailed insight as to how the SOA impacted the audit profession. Hopefully, such an understanding will benefit future research in measuring the costs and benefits of the new reform. Lastly, a future research showed further examine the effect that the SOA has had on overall audit quality.
Originality/value
This paper summarizes the insightful comments obtained in structured interviews with several leading audit professionals. The sample was judged to be highly knowledgeable of the changing audit environment caused by the SOA. With an improved understanding of its impacts, regulators, practitioners, and academics can better assess the effectiveness of the SOA.
Details
Keywords
This paper aims to explore the relationship between market share and performance of large accounting firms. It also investigates whether the performance of international…
Abstract
Purpose
This paper aims to explore the relationship between market share and performance of large accounting firms. It also investigates whether the performance of international accounting firms is better than that of non-international accounting firms.
Design/methodology/approach
This paper divides the empirical analysis into two stages. The first stage constructs a multiple regression model to explore the relationship between market share, international operations and the performance of large accounting firms. The second stage uses the Tobit regression model to identify the determinants of market share of international accounting firms.
Findings
Empirical results show that there is a significant, positive relationship between market share and performance, and that the performance of international accounting firms is better than that of non-international accounting firms. Second, from the perspective of business characteristics, the scope of the most international accounting firms is traditional auditing services; namely financial attestation and tax business services.
Practical implications
From the clients' viewpoint, market share is one of the key indices in determining the quality of the accounting firms' service.
Originality/value
As the market for auditing services in Taiwan is saturated, in the future, the accounting industry will be concerned with non-auditing services. It is suggested that the large accounting firms could follow the demand changes of their clients: employ professionals in various fields to provide specialized services, adjust the range of transnational and management consultant services, and operate management consultant services more aggressively. These measures would have advantages in a fiercely competitive market.
Details
Keywords
Joe Garcia, Russell Shannon, Aaron Jacobson, William Mosca, Michael Burger and Roberto Maldonado
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software…
Abstract
Purpose
This paper aims to describe an effort to provide for a robust and secure software development paradigm intended to support DevSecOps in a naval aviation enterprise (NAE) software support activity (SSA), with said paradigm supporting strong traceability and provability concerning the SSA’s output product, known as an operational flight program (OFP). Through a secure development environment (SDE), each critical software development function performed on said OFP during its development has a corresponding record represented on a blockchain.
Design/methodology/approach
An SDE is implemented as a virtual machine or container incorporating software development tools that are modified to support blockchain transactions. Each critical software development function, e.g. editing, compiling, linking, generates a blockchain transaction message with associated information embedded in the output of a said function that, together, can be used to prove integrity and support traceability. An attestation process is used to provide proof that the toolchain containing SDE is not subject to unauthorized modification at the time said critical function is performed.
Findings
Blockchain methods are shown to be a viable approach for supporting exhaustive traceability and strong provability of development system integrity for mission-critical software produced by an NAE SSA for NAE embedded systems software.
Practical implications
A blockchain-based authentication approach that could be implemented at the OFP point-of-load would provide for fine-grain authentication of all OFP software components, with each component or module having its own proof-of-integrity (including the integrity of the used development tools) over its entire development history.
Originality/value
Many SSAs have established control procedures for development such as check-out/check-in. This does not prove the SSA output software is secure. For one thing, a build system does not necessarily enforce procedures in a way that is determinable from the output. Furthermore, the SSA toolchain itself could be attacked. The approach described in this paper enforces security policy and embeds information into the output of every development function that can be cross-referenced to blockchain transaction records for provability and traceability that only trusted tools, free from unauthorized modifications, are used in software development. A key original concept of this approach is that it treats assigned developer time as a transferable digital currency.
Details
Keywords
- Software development
- Blockchain
- Cybersecurity
- Operational flight program
- Secure development environment
- Secure virtual machine
- Zero trust
- Embedded systems
- Mission-critical systems
- OFP
- DevOps
- DevSecOps
- Software support activity
- SSA
- SDE
- Permissioned blockchain
- Cryptocurrency
- Time-limited authorization for developer action
- TADA
- Code signing
- Trusted software guard
- SGX
- Trusted eXecution technology
- TXT
- Trusted platform module
- Self-hosting
- Controlled access blockchain
- CABlock
- Role-based access control
- RBAC
This paper aims to examine, through the lens of language expectancy theory (LET), how sustainability assurors use optimism and certainty in possible persuasion attempts. The paper…
Abstract
Purpose
This paper aims to examine, through the lens of language expectancy theory (LET), how sustainability assurors use optimism and certainty in possible persuasion attempts. The paper also explores a number of explanatory variables that could offer insights into the use of these verbal tones in sustainability assurance reports.
Design/methodology/approach
First, the paper relies on DICTION standard normalised optimism and certainty ranges in conjunction with descriptive statistics to analyse how sustainability assurors use optimism and certainty. Second, the paper uses quantile regression with robust standard errors to investigate the association between the measures of verbal tone used in this study and several possible explanatory variables.
Findings
Consistent with LET, the study documents that sustainability assurors exercise caution in using both certainty and optimism in persuasion attempts. The paper also finds that possible explanatory variables significantly associated with optimism include praise, assurance level, legal system and report location. However, reference to sustainability management control (SMC), status of assurance providers, praise, legal system and financial performance appear to explain the use of certainty.
Research limitations/implications
The paper does not, at this stage, claim causality between the two measures of verbal tone, on the one hand, and the possible explanatory variables explored, on the other hand. It rather reports their possible associations. Furthermore, the study only measures reference to management control system and not reliance on it.
Practical implications
The main findings of this study imply that the use of optimism and certainty exhibits likely cautious practice by assurors. Nevertheless, assurors are more likely to use certainty more flexibly and appear more discreet when using optimism.
Social implications
The findings of this paper also indicate how societal expectations play an important role in ensuring cautious persuasive behaviour by sustainability assurors in using verbal tones within sustainability assurance statements. This suggests that stakeholders may place reliance on attestations expressed in these statements.
Originality/value
The paper represents the first attempt to test LET in sustainability accounting by analysing verbal tones used by sustainability assurance providers. It contributes to the sustainability assurance literature in that it empirically demonstrates how sustainability assurors, as expert communicators, use optimistic tone and verbal certainty in careful persuasion attempts.
Details