57 research outputs found
Evidential Reasoning for WebTrust Assurance Services
This is the author's final draft. The publisher's official version is available from: http://www.jmis-web.orgThis study looks at two aspects of assurance services. The first deals with the type(s) of
evidential networks that will allow a professional accountant to provide assurance. Here, we
develop an evidential network model for “WebTrust Assurance,” a service being provided by
the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of
Chartered Accountants (CICA). Our model augments the AICPA/CICA approach and provides
goals, sub-goals and evidence relevant to the overall assurance to be provided. The aggregation
of evidence and the resolution of uncertainties follow the belief-function approach of
Srivastava and Shafer.
Next we develop a decision theoretic model for the assurance-planning problem. Our
approach is based on estimating the expected value of providing various levels of assurance and
is illustrated with several different scenarios that may be faced in practice. We also consider the
role of ambiguity in decision situations such as planning WebTrust engagements and calculate
bounds in expected value based on whether auditors are conservative or not in their approach
to risk
An Information Systems Security Risk Assessment Model Under Dempster- Schafer Theory of Belief Functions
This is the author's final draft. The publisher's official version is available from:.This study develops an alternative methodology for the risk analysis of information systems
security (ISS), an evidential reasoning approach under the Dempster-Shafer theory of belief
functions. The approach has the following important dimensions. First, the evidential reasoning
approach provides a rigorous, structured manner to incorporate relevant ISS risk factors, related
counter measures and their interrelationships when estimating ISS risk. Secondly, the
methodology employs the belief function definition of risk, that is, ISS risk is the plausibility of
information system security failures. The proposed approach has other appealing features, such
as facilitating cost-benefit analyses to help promote efficient ISS risk management. The paper
both elaborates the theoretical concepts and provides operational guidance for implementing the
method. The method is illustrated using a hypothetical example from the perspective of
management and a real-world example from the perspective of external assurance providers.
Sensitivity analyses are performed to evaluate the impact of important parameters on the model’s
results
Applications of Belief Functions in Business Decisions: A Review
This is the author's final draft. The publisher's official version is available from: .In this paper, we review recent applications of Dempster-Shafer theory (DST) of belief functions
to auditing and business decision-making. We show how DST can better map uncertainties in
the application domains than Bayesian theory of probabilities. We review the applications in
auditing around three practical problems that challenge the effective application of DST,
namely, hierarchical evidence, versatile evidence, and statistical evidence. We review the
applications in other business decisions in two loose categories: judgment under ambiguity and
business model combination. Finally, we show how the theory of linear belief functions, a new
extension of DST, can provide an alternative solution to a wide range of business problems
An Evidential Reasoning Approach to Fraud Risk Assessment under Dempster-Shafer Theory: A General Framework
This paper develops a general framework under Dempster-Shafer theory for assessing fraud risk in a financial statement audit by integrating the evidence pertaining to the presence of fraud triangle factors (incentives, attitude and opportunities), and evidence concerning both account-based and evidence-based fraud schemes. This framework extends fraud risk assessment models in prior research in three respects. 1) It integrates fraud schemes, both account schemes through which accounts are manipulated, and evidence schemes through which frauds are concealed, into a single framework. 2) It incorporates prior fraud frequency information obtained from the Accounting and Auditing Enforcement Releases issued by the Securities and Exchange Commission into an evidential network which uses Conditional OR relationships among assertions. 3) The framework provides a structured approach for connecting risk assessment, audit planning, and evaluation of audit results. The paper uses a real fraud case to illustrate the application of the framework
Conceptualization of Relational Assurance Mechanisms - A Literature Review on Relational Assurance Mechanisms, Their Antecedents and Effects
Assurance mechanisms are an important element of relational governance and frequently used in information systems (IS) research; still missing in this field, however, is a coherent and interrelated structure to organize available knowledge. In this study, we provide a first step towards development of a conceptualization framework of relational assurance mechanisms to enable their further investigation. From our analysis of existing literature, we discover two gaps in assurance research: (1) a fragmentation of assurance research and (2) a lack of conceptual consensus on relational assurance mechanisms. We provide a theoretical framework consisting of a conceptualization of identified relational assurance mechanisms, their antecedents and effects as a means of advancing theory in this area. Several possibilities for future research are discussed
Representation of Interrelationships among Binary Variables under Dempster-Shafer Theory of Belief Functions
This is the peer reviewed version of the following article: Srivastava, R. P., L. Gao, and P. Gillett. " Representation of Interrelationships among Binary Variables under Dempster-Shafer Theory of Belief Functions" (pre-publication version), 2009, International Journal of Intelligent Systems, Volume 24 Issue 4, pp. 459 - 475, which has been published in final form at http://doi.org/10.1002/int.20347. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.This paper presents an algorithm for developing models under Dempster-Shafer theory of belief functions for categorical and 'uncertain' logical relationships among binary variables. We illustrate the use of the algorithm by developing belief-function representations of the following categorical relationships: 'AND', 'OR', 'Exclusive OR (EOR)' and 'Not Exclusive OR (NEOR)', and 'AND-NEOR' and of the following uncertain relationships: 'Discounted AND', 'Conditional OR', and 'Weighted Average'. Such representations are needed to fully model and analyze a problem with a network of interrelated variables under Dempster-Shafer theory of belief functions. In addition, we compare our belief-function representation of the 'Weighted Average' relationship with the 'Weighted Average' representation developed and used by Shenoy and Shenoy8. We find that Shenoy and Shenoy representation of the weighted average relationship is an approximation and yields significantly different values under certain conditions
An Introduction to Evidential Reasoning for Decision Making under Uncertainty: Bayesian and Belief Functions Perspectives
The main purpose of this article is to introduce the evidential reasoning approach, a research
methodology, for decision making under uncertainty. Bayesian framework and Dempster-Shafer
theory of belief functions are used to model uncertainties in the decision problem. We first
introduce the basics of the DS theory and then discuss the evidential reasoning approach and
related concepts. Next, we demonstrate how specific decision models can be developed from the basic evidential diagrams under the two frameworks. It is interesting to note that it is quite
efficient to develop Bayesian models of the decision problems using the evidential reasoning
approach compared to using the ladder diagram approach as used in the auditing literature. In
addition, we compare the decision models developed in this paper with similar models developed in the literature
An Evidential Reasoning Approach to Sarbanes-Oxley Mandated Internal Control Risk Assessment
This is the peer reviewed version of the following article: Mock, T., L. Sun, R. P. Srivastava, and M. Vasarhelyi. " An Evidential Reasoning Approach to Sarbanes-Oxley Mandated Internal Control Risk Assessment under Dempster-Shafer Theory", 2009, ABACUS, Vol. 45, No. 1, pp. 66-87.
, which has been published in final form at http://doi.org/10.1016/j.accinf.2008.10.003. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.In response to the enactment of the Sarbanes-Oxley Act 2002 and of the release of the Public Company Accounting Oversight Board (PCAOB) Auditing Standard No. 5, this study develops a risk-based evidential reasoning approach for assessing the effectiveness of internal controls over financial reporting (ICoFR). This approach provides a structured methodology for assessing the effectiveness of ICoFR by considering relevant factors and their interrelationships. The Dempster-Shafer theory of belief functions is utilized for representing risk. First, we develop a generic ICoFR assessment model based upon a Big 4 audit firm’s approach and apply it to a real-world example. Then, based on this model, we develop a quantitative representation of various levels of ICoFR effectiveness and related risk-assessment as defined by the PCAOB and contrast these representations with levels implied by Auditing Standard No. 5. In doing so, we demonstrate the potential value of formal risk assessment models in both facilitating the assessment of risks in an individual engagement and in assessing the effects of different regulations
- …