Page 1
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
356
JULY 2013
VOL 5, NO 3
THE EFFECT OF GENERAL CONTROLS OF INFORMATION
SYSTEM AUDITING IN THE PERFORMANCE OF INFORMATION
SYSTEMS :FIELD STUDY
Mansour Naser ALraja Assistant Professor of Management Information Systems, Jerash University-Jordan
post code 26150 JORDAN
Nayef Rage ALomiam
Assistant Professor of public Administration, Jerash University-Jordan
Abstract This study aimed to determine the role played by the general controls of information systems auditing in
improving the performance of information systems in banks listed in the Amman Stock Exchange. To achieve
the objectives and testing of hypotheses a questionnaire was developed especially for the
collection of data from a study sample, which consisting of (64) employees at banks listed in
Amman Stock Exchang , the number of questionnaires analyzed are (52), representing (81.25 %) of
the questionnaires distributed. By using appropriate statistical tests, results of the study
showed that banks listed in Amman Stock Exchang apply General controls of information systems
auditing in general, also it found that there is a significant relationship between general
controls of information systems auditing and information systems performance, and general
controls of information systems auditing has a significant impact on information systems
performance.
Keywords: General controls, Information systems, Auditing, performance, Bank, Amman Stock
Exchange.
1. Introduction The need to provide strategic information for all concerned levels, is one of the challenges faced by most
companies in the digital economy, which is witnessing a revolution of the developments and changes at different
levels of economic and social in general and technological especially, information is the core of the
administrative leader work in the business. When the need for efficiently and effectively information increase,
that raise the required for controls and standards include a methodology of systems development review, and
review of the used systems documentation, and also to confirm the effectiveness of legal controls which used at
bank. All this is done by the process of systems auditing, by reviewing all stages of developing the systems and
confirm appropriate controls, and identification and application it, as a result that reducing the economic cost of
the systems and improve the quality of information provided by the systems and thus increase the system's ability
to adapt to the latest changes, leading to achievement of objectives, so this study came to focus on this vital
subject and important in one of the important sectors in Jordan, which is facing increasing competition, it is the
private banking sector.
2. Study objectives This study aimed to determine the role played by the general controls of information systems
auditing in improving the performance of information systems in banks listed in the Amman
Stock Exchange. We can subdivide this main goal into following goals:
- Determine the role of general controls of information systems auditing in improving the
quality of information provided by the systems
- Determine the role of general controls of information systems auditing in increase the
contribution of information systems to achieve the objectives of the bank.
- Determine the role of general controls of information systems auditing in facilitate the
adaptation of systems with the latest changes.
- Determine the role of general controls of information systems auditing in reducing the
economic cost of the systems.
Page 2
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
357
JULY 2013
VOL 5, NO 3
3. Literature Review
3.1. General Controls of Information System Auditing As soon as data and management procedures are handled by automated systems, Information
Systems Auditing comes into place. This includes new methodologies and control techniques,
pertinent to an automated environment. Information System Auditing requires an opinion
about the Information Systems and data that they process. The data must be accurate,
complete and authorized. Errors must be properly detected and corrected in time and there
must be planned and accurate procedures to guarantee the continuation of operations(Piattini,
2000). Ron Weber has defined IS audit as "the process of collecting and evaluating evidence
to determine whether a computer system (information system) safeguards assets, maintains
data integrity, achieves organizational goals effectively and consumes resources efficiently."
(Sayana, 2002).
Information System Auditing Objectives: The general Information System Auditing
Objectives are as Follows (Piattini, 2000):
• Validation of the organizational aspects and administration of the Information Service
function.
• Validation of the controls of the system development life cycle.
• Validation of access controls to installations, terminals, libraries, etc.
• Automation of Internal Auditing activities.
• Internal Training.
• Training members of the Information Service Function Department
• Collaboration with External Auditors
Controls: consist of all the methods, policies, and organizational procedures that ensure the
safety of the organization's assets, the accuracy and reliability of its accounting records, and
operational adherence to management standards.
Control Objectives: In general, the major control objectives are considered to be as follows
(Piattini, 2000):
• Safeguarding of assets
• Guarantee data accuracy, reliability and authorization
• Operation efficiency
• Compliance with organizational policies and procedures
Types of IS audit(Auditor General’s, 2006):
- Audit of IS general controls.
- Audit of application controls.
- Audit of IS development controls.
- IS performance audit.
3.2. performance of information systems Information systems “is a group of components that interact to produce information”
(Kroenke,4,2007), also, “an information systems collects, processes, stores, analyzes, and
disseminates information for a specific purpose. While Computer-based information system is
an information system that uses computer technology to perform some or all of its intended
tasks”(Turban and others, 2006), information systems exist help business achieve their goals
and objectives, as we know business themselves do not do anything and it cannot act. It is the
people within a business who sell, buy, design, produce, finance, market, account, and
manage. So information systems exist to help people who work in a business to achieve the
goals and objectives of that business(Kroenke, 2007). The basic components of information
system are: hardware, software, database, networks, procedures, and people(Turban and
others, 2006).
Page 3
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
358
JULY 2013
VOL 5, NO 3
A number of important forces affect the pace and effectiveness of progress in using
information systems and in delivering business benefits. The relative weighting of each factor
varies over time, and will also vary from one organization to another. These factors
include(Ward and Peppard, 2002): 1. the capabilities of the technology;
2. the economics of deploying the technology;
3. the applications that are feasible;
4. the skills and abilities available, either in-house or from external sources, to develop
the applications;
5. the skills and abilities within the organization to use the applications;
6. the pressures on the particular organization or its industry to improve performance. The top ten dimensions of Information Systems performance (Chang, 2001):
1. Information Systems impact on strategic direction;
2. Integration of Information Systems planning with corporate planning;
3. Quality of information outputs;
4. Information Systems contribution to organizational financial performance;
5. Information Systems function operational efficiency;
6. User/management attitudes about Information Systems function;
7. Information Systems staff competence;
8. Integration with related technologies across other organizational units;
9. Adequacy of system development practice; and
10. Ability of Information Systems function to identify and assimilate new technologies
3.3. Related Works (Allinson, 2001) in this study Information on principles, techniques and processes used, and
the reason for the recording, storing and releasing of audit information for evidentiary
purposes have been studied. It is shown that most organizations studied generate and retain
audit trails but the approach is not consistent nor is it comprehensive. It is suggested that these
materials would not withstand a serious legal challenge. (Buchanan & Gibb, 2007) This
study discusses three challenges to current practice: limited guidance on management of
scope; ambiguous linkage to related ICT development processes; and the lack of a standard
methodological approach. In response to these challenges, the role and scope of the IA is re-
examined, key relationships to information strategy and information system architecture (ISA)
are defined and mapped, and a two-dimensional matrix is proposed to manage scope.
(Buchanan & Gibb, 2008) they consider the comprehensiveness, applicability, and usability
of four commonly cited information audit methodologies. Comprehensiveness considers the
conceptual, logical, and structural completeness of each methodological approach.
Applicability considers the scope of each approach, and the ability to tailor the approach to
individual organizational requirements. Usability considers the perceived ease with which
each approach can be adopted and applied. A methodological baseline has also been
established, which provides a reusable framework to guide future methodology selection, and
for developing an individual or tailored approach to the information audit. Also (Buchanan &
Gibb, 2008) in the next study they present and discuss five information audit (IA) case
studies, which tested the application and usability of an IA methodology. The studies also
trailed an IA scope matrix and incorporated process modeling. The main strengths of the IA
methodology were found to be the logical structuring of stages, provision of a comprehensive
toolkit, and the flexibility to remove stages not relevant to the client brief. A limitation of the
methodology was found to be its lack of instructional depth. The IA scope matrix was
Page 4
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
359
JULY 2013
VOL 5, NO 3
successfully trailed, and process modelling proved extremely valuable, encouraging
participant involvement by focusing on readily understandable aspects of day-to-day work,
and providing an organizational model of information flow. (Philee, 2009) Hamed and Hoda
Philee considered that the information technology and business internal controls as a major
factor for business security, they found the IT usage need to strong internal controls .
4. Study Questions We can summarize the main problem of the study by asking: what is the impact of general
controls of information systems auditing in the performance of information systems in banks
listed in the Amman Securities Exchangee? We can subdivide this main question into
following questions:
- what is the impact of general controls of information systems auditing in improving the
quality of information provided by the systems?
- what is the impact of general controls of information systems auditing in increase the
contribution of information systems to achieve the objectives of the bank?
- what is the impact of general controls of information systems auditing in facilitate the
adaptation of systems with the latest changes?
- what is the impact of general controls of information systems auditing in reducing the
economic cost of the systems?
5. Hypothesis and Study Model To answer the study questions, the research depend on the following main hypothesis: There
is a significant effect of general controls of information systems auditing on the performance
of information systems in banks listed in the Amman Securities Exchange? And subdivided
by the following assumptions:
- There is a significant effect of general controls of information systems auditing on
improving the quality of information provided by the systems?
- There is a significant effect of general controls of information systems auditing on increase
the contribution of information systems to achieve the objectives of the bank?
- There is a significant effect of general controls of information systems auditing on facilitate
the adaptation of systems with the latest changes?
- There is a significant effect of general controls of information systems auditing on economic
cost of the systems?
General Controls of Information Information Systems Performance
systems Auditing
Information systems
Strategy.
Documentation
Legal Controls to
protect Information
Systems
Quality of information
Information system
contribution
The system's ability to adapt
to the new changes
Economic cost of the system
Page 5
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
360
JULY 2013
VOL 5, NO 3
6. Methodology
6.1. Population and Sample The target population for this study comprised all the Banks listed in Amman Securities Exchange. A sample of
(8) banks were chosen randomly from the targeted population, 58 questionnaires were distributed, the response
rate was about 81.25 % (52 usable responses).
6.2. Data Collection Secondary data was collected based on the findings of published papers, articles, books, prior studies, and the
World Wide Web. The primary data collection was carried out using a self-designed questionnaire, this
adopted instrument comprises three sections, the first section covers the demographic information (Gender, Age,
Period of working at bank, Education ), the second section contains (18) items measuring Information systems
performance, the third section measures general controls of Information systems auditing through (21) items
also, Five Likert-type scales were used to score the responses.
6.3. Instrument Reliability The reliability of data collected instrument was measured using Cronbach's alpha coefficient;
the reliability test was conducted to check for inter-item correlation in each of the variables in
the questionnaire. The closer Cronbach's alpha is to one, the higher the internal consistency
reliability (Sekaran, 2003). The test results are as follows: Cronbach alpha for Independent
Variable = 0.785, Cronbach alpha for dependent Variable = 0.899, Cronbach alpha for over all
instruments = 0.912 which approached to the acceptable limit.
6.4. Data Analysis Methods Statistical Package for Social Sciences (SPSS) was used to analyze the data. Descriptive
techniques such as; frequencies, percentages, means, standard deviation (Std.) and coefficient
of variation were used to describe the variables. Spearman correlation and multiple regression
analysis were used to test hypothesis of the study.
7. Statistics Analysis and Hypothesis Testing
7.1. Analysis of Personal and Functional Characteristics We used several questions to find out the distribution of the study sample, according to
personal and functional characteristics, such as gender, age, Period of working at bank, and
Education. Table (1) shows these properties. Table (1) Personal and Functional Characteristics (N=52)
Variable Frequency Percent
GENDER male 28 53.8
female 24 46.2
AGE
less than 30 years 20 38.5
31 - 40 19 36.5
41 - 50 8 15.4
51 and more 5 9.6
EDUCATION
pre bachelor 5 9.6
bachelor 39 69.2
MBA & PhD 11 21.2
Period of working at
bank
5 years and less 21 40.4
from 6 to 10 18 34.6
from 11 to 15 10 19.2
16 and more 3 5.8
Page 6
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
361
JULY 2013
VOL 5, NO 3
7.2. Study variables Description To determine the availability of the study variables, we divided the main independent variable into three major
dimensions, and the dependent variable into four major dimensions, each dimension was measured with a set of
indicators shown in the table(2).
Table (1) variables Description Characteristics (N=52)
Std. Mean Questions No.
1.27911 3.8269 There is a clear definition of the vision and mission of information systems. 1
1.10258 4.0000 There is a clear methodology for strategic planning for information systems linked to the
overall strategy of the bank. 2
1.16040 4.2885 Strategic plan identifies key priorities for information systems, and resources that
systems need. 3
1.02826 3.9615 Information systems unit is involved in building and implement the overall strategy of
the bank. 4
.81175 4.0192 (x1) information systems Strategy.
.91638 3.9423 The bank Documents all procedures used in data collection. 5
.99528 4.0962 The Bank has a mechanism to make sure that the data collected, is in conformity with the
procedures adopted by the bank. 6
.94972 4.0000 The Bank has written standards describe where and when the operating procedures
perform. 7
1.16170 3.9423 The performance of information systems performance is Measured by documented
standards. 8
1.17734 3.5769 There is a standard format for recording data. 9
1.08535 3.8077 All models adopted by the bank, dated. 10
1.14338 3.7115 The name of person or entity which collect the data is specified on these forms. 11
1.06359 3.9231 The auditing of the data recorded, done by another specialist. 12
1.16946 3.7500 The bank relies specific actions are periodically carried out to ensure the accuracy of the information system.
13
.67492 3.8611 (x2) Documentation.
1.32088 4.0192 The Bank uses passwords and smart cards to verify the identity of persons and data
sources. 14
1.17349 3.7308 To protect data against illegal use, the bank determine the responsibilities of access to
data and to deal with it. 15
1.18865 3.8654 protection procedures Increase whenever the importance of data Increase. 16
1.07400 3.9423 The bank use the data encryption technology to protect it from change and replacement. 17
1.16575 3.8846 To protect the data, bank uses a system to registration the date and time of the codes, turn
it off, suspended, restarted, and cancellation. 18
1.21826 3.9231 There is deterrent procedures against those who display the system and information to
penetrate and danger. 19
1.15209 4.0769 Bank relies protection standards comparable to international used standards. 20
.92803 3.9615 The bank regulations require that the users of information systems must be expertise and
competence. 21
.82034 3.9255 (x3) Legal Controls to protect Information Systems
.48723 3.9158 (X) General Controls of Information Systems Auditing
1.33409 4.1538 The information which provided by the systems is Features with modernity. 22
1.07400 3.9423 The information is provided at the right time. 23
1.04787 4.0000 The provided information is featured with the sincerity and consistency. 24
.95762 4.1538 The provided information is featured with the accurate, realistic and concise.. 25
1.25290 3.8654 The provided information is featured with the flexibility. 26
1.05701 3.9808 Information is provided according to the requirements of beneficiary using multiple
methods. 27
Page 7
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
362
JULY 2013
VOL 5, NO 3
.79367 4.0160 (y1) Quality of information provided by systems
1.17091 3.9615 The current Information systems is correspond with requirements of decisions relating to
the achievement of the objectives of the Bank in general. 28
1.13094 3.7692 Information systems which used in the bank, guarantee provide service to all units and
departments in the bank. 29
1.06571 4.0385 There is an integration and mutual coordination between the different departments in the
Bank, to use information from the placed plans, correspondence with the unity and
stability of the objectives to be achieved. 30
1.41208 3.9231 Information systems which used at the bank, helps to quickly provide information in
response to customer requirements. 31
1.15258 3.7500 Information systems which used at the bank, enables to complete doing daily works
immediately on-line. 32
.83117 3.8885 (y2)Information system contribution to achieving the objectives of the bank
1.19245 3.9038 Information systems which used at the bank is featured with highly efficient of storage,
classification, retrieval, and update data and information that I need in my work. 33
1.18818 4.0000 Information provided by the information systems which used at the bank meet the needs
of decision makers at all administrative levels. 34
.98000 4.0192 Information systems which used at the bank is featured with ability to provide the
information in spite of the size growing and diversity of operations. 35
1.09072 3.7885 The information has the required of accuracy and reliability in spite of the size growing
of operations. 36
.76750 3.9279 (y3) The system's ability to adapt to the new changes
1.17718 3.7885 Information provided by the current Information Systems provides useful return justify
their cost. 37
1.17220 3.8077 Usually I get better results for my decisions when I depend on information provided by
the system. 38
1.22628 3.5769 Information systems helps to strengthen the financial position of the bank by reducing
costs and increasing sales. 39
.93287 3.7244 (y4) Economic cost of the system
.70112 3.9124 (Y) Information Systems Performance
7.2.1. General Controls of Information System Auditing As it clear from the table (2) the total mean is (3.9158), and the answers of the study sample on these
dimensions were close, the standard deviation indicates that, which was (.48723), which reflects the perception
of respondents to the importance of General Controls of Information System Auditing, this importance was
according to the views of sample members, arranged as follows: information systems Strategy with mean
(4.0192) and a standard deviation (.81175), second place Legal Controls to protect Information Systems with
mean (3.9255) and a standard deviation (.82034), and came Documentation in third place with mean (3.8611)
and a standard deviation (.67492)
7.2.2. performance of information systems Also from the table (2) we can see the total mean of information systems performance is (3.9124), and the
answers of the study sample on these dimensions were very close, the standard deviation indicates that, which
was (.70112), the arrangement of these dimensions according to the sample members opinion, as follows:
Quality of information provided by systems with mean (4.0160) and a standard deviation (.79367), second place
The system's ability to adapt to the new changes with mean (3.9279) and a standard deviation (.76750) , third
place Information system contribution to achieving the objectives of the bank with mean (3.8885) and a standard
deviation (.83117), and Economic cost of the system came in fourth place with mean (3.7244) and a standard
deviation (.93287).
Page 8
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
363
JULY 2013
VOL 5, NO 3
7.3. Hypothesis Testing We used Pearson's test to identify if there is relationship between General Controls of
Information System Auditing and performance of information systems, As it seen in Table
(3), the output indicates that there is a positive significant correlation at (P≤0.01) between
General Controls of Information System Auditing and information systems performance,
which implies that the Banks which listed in Amman Securities Exchange focus on
information systems audit to improve the systems performance but they must give more
important to the information systems auditing in the future (r = 0.725), also we can note that
there is no relationship Legal Controls to protect Information Systems and performance of
information systems and sometimes sounds negative .
Table (3) Correlations (N=52)
X x1 x2 x3
Y Pearson Correlation .725** .803** .861** -.063
Sig. (2-tailed) .000 .000 .000 .656
N 52 52 52 52
y1 Pearson Correlation .647** .793** .749** -.077
Sig. (2-tailed) .000 .000 .000 .590
N 52 52 52 52
y2 Pearson Correlation .676** .776** .806** -.076
Sig. (2-tailed) .000 .000 .000 .590
N 52 52 52 52
y3 Pearson Correlation .449** .437** .647** -.115
Sig. (2-tailed) .001 .001 .000 .418
N 52 52 52 52
y4 Pearson Correlation .672** .637** .700** .085
Sig. (2-tailed) .000 .000 .000 .550
N 52 52 52 52
** Correlation is significant at the 0.01 level (2-tailed).
* Correlation is significant at the 0.05 level (2-tailed).
Page 9
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
364
JULY 2013
VOL 5, NO 3
Multiple regression analysis was conducted to test the hypotheses. Multiple regression
identifies how much of the variance in the dependent variable will be explained when a set of
variables is able to predict a particular outcome. Using multiple regression analysis is subject
to normality of the data.
Hypothesis 1: Table (4) Model Summary
Model R R Square
Adjusted R
Square
Std. Error of the
Estimate
1 .840a .705 .687 .44419
a. Predictors: (Constant), x3, x1, x2
Table (5) ANOVAb
Model Sum of Squares df Mean Square F Sig.
1 Regression 22.655 3 7.552 38.274 .000a
Residual 9.471 48 .197
Total 32.126 51
a. Predictors: (Constant), x3, x1, x2
b. Dependent Variable: y1
Table (6) Coefficientsa
Model
Unstandardized Coefficients
Standardized
Coefficients
B Std. Error Beta t Sig.
1 (Constant) .148 .505 .293 .771
x1 .516 .106 .528 4.854 .000
x2 .451 .129 .384 3.510 .001
x3 .013 .076 .013 .168 .867
a. Dependent Variable: y1
adopt to the results of regression analysis, the General Controls of Information Systems Auditing (especially (x1)
information systems Strategy and (x2) Documentation) as it seen in table (6) affect directly in order (β =
0.528, 0.384, P0.01) on Information Quality, as it shown from table (4) (R2 = 0. 705) This means that General
Controls of Information Systems Auditing have been interpreted (70.5%) of the variance in Information Quality
that provided by Information systems, and also we noted from table (5) that the value of the statistical test (F =
38.274) is statistically significant at (P 0.01). this analysis lead us to accept the first hypothesis which said:
“There is a significant effect at level (P 0.01) of general controls of information systems auditing on
improving the quality of information provided by the systems”.
Page 10
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
365
JULY 2013
VOL 5, NO 3
Hypothesis 2:
Table (7) Model Summary
Model R R Square
Adjusted R
Square
Std. Error of the
Estimate
1 .861a .741 .725 .43608
a. Predictors: (Constant), x3, x1, x2
Table (8) ANOVAb
Model Sum of Squares df Mean Square F Sig.
1 Regression 26.105 3 8.702 45.759 .000a
Residual 9.128 48 .190
Total 35.233 51
a. Predictors: (Constant), x3, x1, x2
b. Dependent Variable: y2
Table (9) Coefficientsa
Model
Unstandardized Coefficients
Standardized
Coefficients
B Std. Error Beta t Sig.
1 (Constant) -.381 .496 -.767 .447
x1 .428 .104 .418 4.100 .000
x2 .638 .126 .518 5.059 .000
x3 .021 .075 .021 .282 .779
a. Dependent Variable: y2
adopt to the results of regression analysis, the General Controls of Information Systems Auditing (especially (x2)
Documentation and (x1) information systems Strategy) as it seen in table (9) affect directly in order (β =
0.518, 0.418, P0.01) on information systems contribution to achieve the bank goals, as it shown from table (7)
(R2 = 0.741) This means that General Controls of Information Systems Auditing have been interpreted (74.1%)
of the variance in information systems contribution to achieve the bank goals, and also we noted from table (8)
that the value of the statistical test (F = 45.759) is statistically significant at (P 0.01). this analysis lead us to
accept the second hypothesis which said: “There is a significant effect at level (P 0.01) of general controls of
information systems auditing on increase the contribution of information systems to achieve the objectives of the
bank”.
Page 11
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
366
JULY 2013
VOL 5, NO 3
Hypothesis 3:
Table (10) Model Summary
Model R R Square
Adjusted R
Square
Std. Error of the
Estimate
1 .648a .420 .384 .60246
a. Predictors: (Constant), x3, x1, x2
Table (11) ANOVAb
Model Sum of Squares df Mean Square F Sig.
1 Regression 12.620 3 4.207 11.590 .000a
Residual 17.422 48 .363
Total 30.042 51
a. Predictors: (Constant), x3, x1, x2
b. Dependent Variable: y3
Table (12) Coefficientsa
Model
Unstandardized Coefficients
Standardized
Coefficients
B Std. Error Beta t Sig.
1 (Constant) 1.258 .685 1.835 .073
x1 -.022 .144 -.023 -.149 .882
x2 .749 .174 .658 4.294 .000
x3 -.034 .104 -.036 -.329 .744
a. Dependent Variable: y3
adopt to the results of regression analysis, the General Controls of Information Systems Auditing (especially (x2)
Documentation) as it seen in table (12) affect directly (β = 0.658, P0.01) on the system ability to convoy rapid
changes, as it shown from table (10) (R2 = 0.420) This means that General Controls of Information Systems
Auditing have been interpreted (42%) of the variance in the system ability to convoy rapid changes, as it shown
from table, and also we noted from table (11) that the value of the statistical test (F = 11.590) is statistically
significant at (P 0.01). this analysis lead us to accept the third hypothesis which said: “There is a significant
effect at level (P 0.01) of general controls of information systems auditing on facilitate the adaptation of
systems with the latest changes”.
Page 12
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
367
JULY 2013
VOL 5, NO 3
Hypothesis 4:
Table (13) Model Summary
Model R R Square
Adjusted R
Square
Std. Error of the
Estimate
1 .751a .564 .536 .63513
a. Predictors: (Constant), x3, x1, x2
Table (14) ANOVAb
Model Sum of Squares df Mean Square F Sig.
1 Regression 25.020 3 8.340 20.675 .000a
Residual 19.363 48 .403
Total 44.382 51
a. Predictors: (Constant), x3, x1, x2
b. Dependent Variable: y4
Table (15) Coefficientsa
Model
Unstandardized Coefficients
Standardized
Coefficients
B Std. Error Beta t Sig.
1 (Constant) -1.158 .723 -1.603 .116
x1 .334 .152 .291 2.195 .033
x2 .718 .184 .520 3.909 .000
x3 .195 .109 .172 1.788 .080
a. Dependent Variable: y4
depending on the results of regression analysis, the General Controls of Information Systems Auditing
(especially (x2) Documentation) as it seen in table (15) affect directly (β = 0.261, P0.01) on economic cost of
systems, as it shown from table (13) (R2 = 0. 564) This means that General Controls of Information Systems
Auditing have been interpreted (56.4%) of the variance in the economic cost of systems, and also we noted from
table (14) that the value of the statistical test (F = 20.675) is statistically significant at (P 0.01). this analysis
lead us to accept the fourth hypothesis which said: “There is a significant effect at level (P 0.01) of general
controls of information systems auditing on economic cost of the systems”.
Page 13
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
368
JULY 2013
VOL 5, NO 3
Main Hypothesis: Table (16) Model Summary
Model R R Square
Adjusted R
Square
Std. Error of the
Estimate
1 .908a .824 .813 .30349
a. Predictors: (Constant), x3, x1, x2
Table (17) ANOVAb
Model Sum of Squares df Mean Square F Sig.
1 Regression 20.649 3 6.883 74.727 .000a
Residual 4.421 48 .092
Total 25.070 51
a. Predictors: (Constant), x3, x1, x2
b. Dependent Variable: Y
Table (18) Coefficientsa
Model
Unstandardized Coefficients
Standardized
Coefficients
B Std. Error Beta t Sig.
1 (Constant) .030 .345 .087 .931
x1 .342 .073 .396 4.704 .000
x2 .614 .088 .591 6.989 .000
x3 .035 .052 .041 .673 .504
a. Dependent Variable: Y
As it clear from the results of regression analysis, the General Controls of Information Systems Auditing
(especially (x2) Documentation and (x1) information systems Strategy) as it seen in table (18) affect directly
in order (β = 0.591, 0.396, P0.01) on Information systems Performance (quality of information provided
by systems, information system contribution to achieving the objectives of the bank, the system's ability to
adapt to the new changes, economic cost of the system), as it shown from table (16) (R2 = 0.824) This
means that General Controls of Information Systems Auditing have been interpreted (82.4%) of the variance in
Information systems Performance, and also we noted from table (17) that the value of the statistical test (F =
74.727) is statistically significant at (P 0.01). this analysis lead us to accept the main hypothesis which said:
“There is a significant effect at level (P 0.01) of general controls of information systems auditing on the
performance of information systems in banks listed in the Amman Securities Exchange”.
Page 14
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
369
JULY 2013
VOL 5, NO 3
8. Conclusions After analyzing the data and testing the hypotheses, the following major conclusions were
reached: 1. General controls of information systems auditing dimensions (Information Systems Strategy,
Documentation, and Legal Controls) are provided in high percentages with a mean
(4.0192, 3.8611, 3.9255) compared with the expected mean which is (3).T
2. here is significant statistical relationship between general controls of information systems
auditing and information systems performance at the confidence level (P≤0.01).
3. The study revealed that general controls of information systems auditing have a significant
statistical impact on information systems performance and explains (82.4%) of the
variation in information systems performance
9. Recommendations According to the findings of this study we can give some suggestions, might be they can help
managers in the banks that listed at Amman Securities Exchange if they use them effectively.
1. Banks that listed at Amman Securities Exchange highly encouraged to illustrate the strong
relationship between general controls of information systems auditing and information
systems performance especially Legal Controls to protect Information Systems.
2. Banks that listed at Amman Securities Exchange highly encouraged to develop a clear
strategy allow them to increase the role of general controls of information systems
auditing in improvement Economic cost of the system, and Information system
contribution to achieving the objectives of the bank.
3. reinforcement the role of general controls of information systems auditing in raising
Quality of information provided by systems, andThe system's ability to adapt to the new
changes
Page 15
ijcrb.webs.com
INTERDISCIPLINARY JOURNAL OF CONTEMPORARY RESEARCH IN BUSINESS
COPY RIGHT © 2013 Institute of Interdisciplinary Business Research
370
JULY 2013
VOL 5, NO 3
References
1. Steven Buchanan, Forbes Gibb, The information audit: Theory versus practice,
International Journal of Information Management 28 (2008) 150–160.
2. Steven Buchanan, Forbes Gibb, The information audit: Methodology selection,
International Journal of Information Management 28 (2008) 3-11.
3. Steven Buchanan, Forbes Gibb, The information audit: Role and scope, International
Journal of Information Management 27 (2007) 159–172.
4. Caroline Allinson, Information Systems Audit Trails in Legal Proceedings as
Evidence, Computers & Security Vol.20, No.5, pp.409-421, 2001.
5. Hamed and Hoda Philee, Information Technology and Internal Controls, February 6,
2009, http://ssrn.com/. 6. Western Australian Auditor General’s Report, Information Systems Audit Report,
Report 2– April 2009.
7. The Auditor General’s, Methodological Recommendations for Information Systems
Audit, Order No. V-65 of 27 April 2006.
8. Mario Piattini, Auditing information systems , Chapter I, Basic Concepts of
Information System Auditing, Rafael Rodríguez de Cora, 2000, IDEA Group
Publishing.
9. Anantha Sayana, The Information System Audit Process, Information Systems
Control Journal, Volume 1, 2002. 10. IS AUDITING PROCEDURE EVALUATION OF MANAGEMENT CONTROLS
OVER ENCRYPTION METHODOLOGIES DOCUMENT P9, 2009 ISACA.
11. IS AUDITING PROCEDURE IRREGULARITIES AND ILLEGAL ACTS
DOCUMENT P7, 2009 ISACA.
12. IS AUDITING GUIDELINE, G6 MATERIALITY CONCEPTS FOR AUDITING
INFORMATION SYSTEMS, 2009 ISACA.
13. IS AUDITING GUIDELINE FOLLOW-UP ACTIVITIES DOCUMENT G35 , 2009
ISACA.
14. IS AUDITING GUIDELINE, G8 AUDIT DOCUMENTATION, 2009 ISACA.
15. IS AUDITING GUIDELINE, G39 IT ORGANISATION, 2009 ISACA.
16. IS AUDITING PROCEDURE, P1 IS RISK ASSESSMENT MEASUREMENT, 2009
ISACA.
17. Ward, John and Peppard, Joe (2002) Strategic Planning for Information Systems,
Third Edition, John Wiley & Sons Ltd, England
18. Kroenke, David M. (2007), Using MIS, Pearson Education, Inc, New Jersey.
19. Turban, Efraim and leidner, Dorothy and Mclean, Ephraim and Wetherbe, James with
contribution by: Chung, Christy and Tse, Daniel and Lew, Maggie (2006),
Information Technology for management transforming organizations in the
digital economy, 5th
Edition, John Wiley & sons, Inc.
20. Chang, Cha-Jan Jerry(2001), the development of a measure to assess the performance
of the information systems function: a multiple-constituency approach, PhD thesis,
Faculty of the Katz Graduate School of Business, University of Pittsburgh.