Anomaly Detection for Soft Security in Cloud Based Auditing of Accounting Systems

Postprin

Enhancing Cloud Security and Privacy: The Cloud Audit Problem

Publisher PD

Artificial Intelligence & Machine Learning in Finance: A literature review

In the 2020s, Artificial Intelligence (AI) has been increasingly becoming a dominant technology, and thanks to new computer technologies, Machine Learning (ML) has also experienced remarkable growth in recent years; however, Artificial Intelligence (AI) needs notable data scientist and engineers’ innovation to evolve. Hence, in this paper, we aim to infer the intellectual development of AI and ML in finance research, adopting a scoping review combined with an embedded review to pursue and scrutinize the services of these concepts. For a technical literature review, we goose-step the five stages of the scoping review methodology along with Donthu et al.’s (2021) bibliometric review method. This article highlights the trends in AI and ML applications (from 1989 to 2022) in the financial field of both developed and emerging countries. The main purpose is to emphasize the minutiae of several types of research that elucidate the employment of AI and ML in finance. The findings of our study are summarized and developed into seven fields: (1) Portfolio Management and Robo-Advisory, (2) Risk Management and Financial Distress (3), Financial Fraud Detection and Anti-money laundering, (4) Sentiment Analysis and Investor Behaviour, (5) Algorithmic Stock Market Prediction and High-frequency Trading, (6) Data Protection and Cybersecurity, (7) Big Data Analytics, Blockchain, FinTech. Further, we demonstrate in each field, how research in AI and ML enhances the current financial sector, as well as their contribution in terms of possibilities and solutions for myriad financial institutions and organizations. We conclude with a global map review of 110 documents per the seven fields of AI and ML application.   Keywords: Artificial Intelligence, Machine Learning, Finance, Scoping review, Casablanca Exchange Market. JEL Classification: C80 Paper type: Theoretical ResearchIn the 2020s, Artificial Intelligence (AI) has been increasingly becoming a dominant technology, and thanks to new computer technologies, Machine Learning (ML) has also experienced remarkable growth in recent years; however, Artificial Intelligence (AI) needs notable data scientist and engineers’ innovation to evolve. Hence, in this paper, we aim to infer the intellectual development of AI and ML in finance research, adopting a scoping review combined with an embedded review to pursue and scrutinize the services of these concepts. For a technical literature review, we goose-step the five stages of the scoping review methodology along with Donthu et al.’s (2021) bibliometric review method. This article highlights the trends in AI and ML applications (from 1989 to 2022) in the financial field of both developed and emerging countries. The main purpose is to emphasize the minutiae of several types of research that elucidate the employment of AI and ML in finance. The findings of our study are summarized and developed into seven fields: (1) Portfolio Management and Robo-Advisory, (2) Risk Management and Financial Distress (3), Financial Fraud Detection and Anti-money laundering, (4) Sentiment Analysis and Investor Behaviour, (5) Algorithmic Stock Market Prediction and High-frequency Trading, (6) Data Protection and Cybersecurity, (7) Big Data Analytics, Blockchain, FinTech. Further, we demonstrate in each field, how research in AI and ML enhances the current financial sector, as well as their contribution in terms of possibilities and solutions for myriad financial institutions and organizations. We conclude with a global map review of 110 documents per the seven fields of AI and ML application.   Keywords: Artificial Intelligence, Machine Learning, Finance, Scoping review, Casablanca Exchange Market. JEL Classification: C80 Paper type: Theoretical Researc

Development of Accounting Curriculum Model Based on Industrial Revolution Approach

This study aims to develop an accounting curriculum with the Industry 4.0 approach. The specific target expected from this study is to produce curriculum designs that can be used as input in the revision of the curriculum in the Public Finance Accounting Program and the Accounting Study Program planned to be implemented in 2020. While the long-term target of the results of this study is the availability of a curriculum that can accommodate market needs , so that graduates of Accounting and Public Financial Accounting Study Programs have competitive competence and knowledge. Specific and long-term goals can be achieved by conducting deep interviews with several industrial and banking companies to identify the needs of the industrial world for accounting graduates. From the results of the study it was identified that there was a shift in the role of accountants, where this shift in role caused a shift in hardskill and soft skills that must be owned by an accountant. In addition, accommodating changes that occur can use two approaches, namely by inserting topics in existing subjects, or by creating new courses. Keywords: Development, Curriculum, Industrial Revolution 4.0 DOI: 10.7176/RJFA/11-2-12 Publication date: January 31st 2020

Security Audit Compliance for Cloud Computing

Cloud computing has grown largely over the past three years and is widely popular amongst today's IT landscape. In a comparative study between 250 IT decision makers of UK companies they said, that they already use cloud services for 61% of their systems. Cloud vendors promise "infinite scalability and resources" combined with on-demand access from everywhere. This lets cloud users quickly forget, that there is still a real IT infrastructure behind a cloud. Due to virtualization and multi-tenancy the complexity of these infrastructures is even increased compared to traditional data centers, while it is hidden from the user and outside of his control. This makes management of service provisioning, monitoring, backup, disaster recovery and especially security more complicated. Due to this, and a number of severe security incidents at commercial providers in recent years there is a growing lack of trust in cloud infrastructures. This thesis presents research on cloud security challenges and how they can be addressed by cloud security audits. Security requirements of an Infrastructure as a Service (IaaS) cloud are identified and it is shown how they differ from traditional data centres. To address cloud specific security challenges, a new cloud audit criteria catalogue is developed. Subsequently, a novel cloud security audit system gets developed, which provides a flexible audit architecture for frequently changing cloud infrastructures. It is based on lightweight software agents, which monitor key events in a cloud and trigger specific targeted security audits on demand - on a customer and a cloud provider perspective. To enable these concurrent cloud audits, a Cloud Audit Policy Language is developed and integrated into the audit architecture. Furthermore, to address advanced cloud specific security challenges, an anomaly detection system based on machine learning technology is developed. By creating cloud usage profiles, a continuous evaluation of events - customer specific as well as customer overspanning - helps to detect anomalies within an IaaS cloud. The feasibility of the research is presented as a prototype and its functionality is presented in three demonstrations. Results prove, that the developed cloud audit architecture is able to mitigate cloud specific security challenges

Audit of Financial Information Systems: a risk-based approach and fuzzy logic

Nowadays, business is exposed to information system risks and threats. This justifies the growing inquiry, of investors and shareholders, on their business security. Information systems auditing has strong tools and techniques, which can assist organizations in minimizing these risks and threats. But the fast-changing and growth of information systems makes the audit missions more complex and surrounded by uncertainty, related to audit quality parameters like experience, knowledge, and others. In line with this, the auditors may be faced with discrepancies during auditing, with each anomaly typically triggering a binary evaluation of significance. In this paper, we develop a fuzzy expert system framework, which evaluates the level of significance in the audit by allowing a discrepancy to have a level between 0 and 1. Such a framework enables the auditor to have increased accuracy and more flexibility in evaluating the appropriate level of significance, and provides a better understanding of the scope of subsequent audits and examinations. As results, we show that a fuzzy expert system has the potential to assist the auditor in the process of including qualitative information in the frivolous level and identifying the anomalies that may be most worthy of investigation. The fuzzy expert system standardizes the process of auditing by providing a formal model structure. This may facilitate reporting within the audit organization and improve the coherence of the audit process between auditors, missions over time.   JEL Classification: C67, M15, M42 Paper type: Empirical researchNowadays, business is exposed to information system risks and threats. This justifies the growing inquiry, of investors and shareholders, on their business security. Information systems auditing has strong tools and techniques, which can assist organizations in minimizing these risks and threats. But the fast-changing and growth of information systems makes the audit missions more complex and surrounded by uncertainty, related to audit quality parameters like experience, knowledge, and others. In line with this, the auditors may be faced with discrepancies during auditing, with each anomaly typically triggering a binary evaluation of significance. In this paper, we develop a fuzzy expert system framework, which evaluates the level of significance in the audit by allowing a discrepancy to have a level between 0 and 1. Such a framework enables the auditor to have increased accuracy and more flexibility in evaluating the appropriate level of significance, and provides a better understanding of the scope of subsequent audits and examinations. As results, we show that a fuzzy expert system has the potential to assist the auditor in the process of including qualitative information in the frivolous level and identifying the anomalies that may be most worthy of investigation. The fuzzy expert system standardizes the process of auditing by providing a formal model structure. This may facilitate reporting within the audit organization and improve the coherence of the audit process between auditors, missions over time.   JEL Classification: C67, M15, M42 Paper type: Empirical researc

A Survey of Security and Privacy Challenges in Cloud Computing: Solutions and Future Directions

While cloud computing is gaining popularity, diverse security and privacy issues are emerging that hinder the rapid adoption of this new computing paradigm. And the development of defensive solutions is lagging behind. To ensure a secure and trustworthy cloud environment it is essential to identify the limitations of existing solutions and envision directions for future research. In this paper, we have surveyed critical security and privacy challenges in cloud computing, categorized diverse existing solutions, compared their strengths and limitations, and envisioned future research directions

Continuous monitoring of enterprise risks: A delphi feasibility study

A constantly evolving regulatory environment, increasing market pressure to improve operations, and rapidly changing business conditions are creating the need for ongoing assurance that organizational risks are continually and adequately mitigated. Enterprises are perpetually exposed to fraud, poor decision making and/or other inefficiencies that can lead to significant financial loss and/or increased levels of operating risk. Increasingly, Information Systems are being harnessed to reinvent the risk management process. One promising technology is Continuous Auditing, which seeks to transform the audit process from periodic reviews of a few transactions to a continuous review of all transactions. However, the highly integrated, rapidly changing and hypercompetitive business environment of many corporations spawns numerous Enterprise Risks that have been excluded from standard risk management processes. An extension of Continuous Auditing is Continuous Monitoring, which is used by management to continually review business processes for unexpected deviations. Using a Delphi, the feasibility and desirability of applying Continuous Monitoring to different Enterprise Risks is studied. This study uncovers a significant relationship between the perceived business value of Continuous Monitoring and years of experience in Risk Management and Auditing, determines that all key architectural components for a Continuous Monitoring system are known, and indicates that Continuous Monitoring may be better suited for monitoring computer crime than monitoring strategic risks such as the loss of a competitive position