The role of accounting and professional associations in IT security auditing: An AMCIS panel report


Information systems security is a critical area of inquiry and closely allied with IT audit skills from the accounting discipline. While accounting scholars are well informed about IT audits, information systems scholars interested in the security aspects of IT audits sometimes lack knowledge about the process through which scholars and professionals become security and audit experts in order to assess the quality of information-security implementations. IT audit knowledge enriches cybersecurity professors for both teaching and research. Individuals skilled in accounting, such as graduates from combined accounting/information systems departments in business schools, are naturally oriented to industry certification groups and their professional certifications, but mainstream IT academics are not. In this paper, we report on a panel discussion at AMCIS 2017 that focused on how researchers and educators who seek professional certifications offered by organizations such as the Information Systems Audit and Control Association (ISACA) can gain much richer knowledge of and insights into IT security assurance, which they can use for both teaching and research purposes. Such certifications provide valuable perspectives for the classroom and for research and are useful for IT professors interested in all aspects of security.

Publication Title

Communications of the Association for Information Systems