Exploring COBIT processes for ITG in Saudi organizations : an empirical study

Control Objectives for Information and Related Technology (COBIT) has become one of the most important guidelines for information technology governance (ITG), which provides organizations with a useful tool to start evaluating their own ITG systems. COBIT introduces an ITG framework and supporting toolset that allows IT managers to bridge the gap between control requirements, technical issues and business risks. The objective of this study is to investigate the formality, auditing, responsibility and accountability of implementing COBIT processes for ITG in Saudi organizations. An empirical survey, using a self-administered questionnaire, was conducted to achieve these objectives. Five hundred questionnaires were distributed to a sample of Saudi organizations in a selected number of Saudi cities. One hundred and twenty seven valid questionnaires – representing a 25.4 percent response rate –were collected and analyzed using the Statistical Package for Social Sciences (SPSS) version 16. While the results of the study reveal that the majority of respondents reported that implementing ITG COBIT processes and domains is the responsibility of IT departments in Saudi organizations, most of the respondents reported that the COBIT processes and domains are neither audited nor formally conducted in their organizations. From a practical standpoint, managers and practitioners alike stand to gain from the findings of this study. The study provides useful information for senior management, IT managers, accountants, auditors, and academics to understand the implementation phase and the impact of COBIT on ITG in Saudi organizations.Los Objetivos de Control para la información y tecnologías afines (COBIT) se han convertido en uno de las pautas más importantes para la dirección de la tecnología de la información (ITG), lo que proporciona a las organizaciones con una herramienta útil para evaluar sus propios sistemas de informática. COBIT introduce un marco ITG y un conjunto de herramientas de apoyo que permite a los administradores informáticos a salvar la situación entre los requisitos de control, asuntos técnicos y riesgos empresariales. El objetivo de este estudio es investigar la formalidad, la auditoría, la responsabilidad y la rendición de cuentas de implementar los procesos COBIT para ITG en organizaciones saudíes. Una encuesta empírica, con el uso de un cuestionario auto-administrado, se llevó a cabo para conseguir esto. Quinientos cuestionarios se distribuyeron a una muestra de dichas organizaciones en un número seleccionado de ciudades saudíes. Se reunieron ciento veintisiete cuestionarios válidos – representando un 24’5% en cuanto a la tasa de respuesta -, los cuales fueron analizados con la versión 16 del Paquete Estadístico para las Ciencias Sociales (SPSS). Mientras los resultados del estudio revelaron que la mayoría de los participantes declararon que la aplicación los procesos ITG COBIT, y los dominios es responsabilidad de los departamentos informáticos de estas organizaciones, la mayor parte de los participantes reclamaron que dichos procesos y dominios no son auditados ni formalmente llevados a cabo en sus organizaciones. Desde una perspectiva práctica, tanto los directores como los profesionales pueden beneficiarse de los hallazgos de este estudio. Este mismo aporta información útil para la alta dirección, los administradores informáticos, los contables, los auditores, y los académicos para que entiendan la fase de aplicación, y el impacto de COBIT en ITG en las organizaciones saudíes

Evaluating the security controls of CAIS in developing countries : the case of Saudi Arabia

This paper examines the existence and adequacy of implemented Computerized Accounting Information Systems (CAIS) security controls to prevent, detect and correct security breaches in Saudi organizations. An empirical survey, using a self-administered questionnaire, was carried out to achieve this purpose. Five hundred questionnaires were distributed on a random sample of Saudi organizations. Two hundred and seventy five valid, usable questionnaires were collected and analyzed. The results of the study highlight a number of inadequately implemented CAIS security controls, and some suggestions and recommendations are introduced to strengthen the weak points and to close the loopholes in the present CAIS security controls in Saudi organizations. From a practical standpoint, managers, auditors, IT users and practitioners alike stand to gain from the findings of this study. The results could enable them to better understand and secure their CAIS and to champion IT development for the success of their businesses.Este artículo examina la existencia y adecuación de los controles de seguridad implementados de los sistemas de información de contabilidad informativa (CASI en inglés) para prevenir, detectar y corregir las infracciones de seguridad en las organizaciones de Saudi. Una encuesta empírica, con el uso de un cuestionario auto-administrado, se llevó a cabo para conseguir este fin. Se distribuyeron quinientos cuestionarios sobre una muestra aleatoria de estas organizaciones. Solo se recogieron y analizaron aquellos doscientos setenta y cinco cuestionarios válidos. Los resultados de este estudio destacan un número de inadecuados controles de seguridad implementados de CAIS, y se introducen, además, algunas sugerencias y recomendaciones para mejorar los puntos débiles y cerrar las lagunas en los actuales controles de seguridad de CAIS en las organizaciones de Saudi. Desde un punto de vista práctico, tanto los directores, como los auditores, usuarios y profesionales de informática pueden beneficiarse de los hallazgos de este estudio. Los resultados pueden permitirles a entender mejor y asegurar sus CAIS, y defender el desarrollo de la informática para el éxito de sus negocios

The Determinates Of Selecting Accounting Software: A Proposed Model

Selecting the appropriate accounting software has become an important issue for many organizations. Selecting the wrong accounting software would be a great disaster, it might lead to major financial losses, and possibly even bankruptcy. Certain crucial factors such as users’ current and future needs, business type, business size, features and attributes of accounting software, information technology infrastructure and environment, and vendor reliability should be taken into consideration before obtaining the software. The objective of this paper is to investigate, analyze and evaluate the main factors an organization should consider in its decision to select the appropriate accounting software. The paper introduces an integrated theoretical framework of the main factors affecting the selection of an appropriate accounting software package for an organization. The paper proceeds to introduce a proposed mathematical model of the determinants of selecting accounting software. The proposed model would help an organization to select the most appropriate accounting software that would satisfy its current and future needs for information and financial and non-financial reports

Investigating The Security Policies Of Computerized Accounting Information Systems In The Banking Industry Of An Emerging Economy: The Case Of Egypt

Information has become one of the most valuable corporate assets, which should be protected with care and concern because business survival and success are heavily dependent upon the confidentiality, integrity and continued availability of critical information. The reliance on information and rapidly changing technology forces many organizations to implement comprehensive information security programs to protect their information systems. However, the success of implementing such security programs relies largely on employees’ awareness and compliance. The failure to secure information or to make it available when required to those who need it would lead to financial and non-financial losses. The objective of this paper is to explore the main characteristics of security policies of the computerised accounting information systems (CAIS) in the Egyptian Banking Industry (EBI), and to investigate the differences among bank types regarding the existence, implementation, clarity, comprehensiveness, publicity, awareness, management attitudes, and participation in designing, developing and evaluating their banks’ CAIS security policies. The research statistics revealed that the vast majority the surveyed banks has formal written, clear, comprehensive, reasonable and well-published CAIS security policies. Moreover, the majority of respondents believed that there was adequate awareness of CAIS security issues among their banks’ managers and employees and that managers had positive attitudes and paid great attention to security issues. Further, the majority of respondents also claimed that they participated in designing, developing and evaluating their banking CAIS security policies and controls

Investigating The Security Policies Of Computerized Accounting Information Systems In The Banking Industry Of An Emerging Economy: The Case Of Egypt

Information has become one of the most valuable corporate assets, which should be protected with care and concern because business survival and success are heavily dependent upon the confidentiality, integrity and continued availability of critical information. The reliance on information and rapidly changing technology forces many organizations to implement comprehensive information security programs to protect their information systems. However, the success of implementing such security programs relies largely on employees’ awareness and compliance. The failure to secure information or to make it available when required to those who need it would lead to financial and non-financial losses. The objective of this paper is to explore the main characteristics of security policies of the computerised accounting information systems (CAIS) in the Egyptian Banking Industry (EBI), and to investigate the differences among bank types regarding the existence, implementation, clarity, comprehensiveness, publicity, awareness, management attitudes, and participation in designing, developing and evaluating their banks’ CAIS security policies. The research statistics revealed that the vast majority the surveyed banks has formal written, clear, comprehensive, reasonable and well-published CAIS security policies. Moreover, the majority of respondents believed that there was adequate awareness of CAIS security issues among their banks’ managers and employees and that managers had positive attitudes and paid great attention to security issues. Further, the majority of respondents also claimed that they participated in designing, developing and evaluating their banking CAIS security policies and controls

Exploring information technology governance (ITG) in developing countries : an empirical study

The objective of this study is to explore the current performance of information technology governance (ITG) in Saudi organizations using the balanced scorecard model introduced by the ITG Institute (ITGI, 2005). An empirical survey was carried out to achieve this purpose. Five hundred questionnaires were randomly distributed to a representative sample of Saudi organizations and the response rate was 29.5%. The results of the study reveal that the vast majority of respondents reported the importance of ITG performance measures. A majority of them reported it had been measured, but a smaller number believe that such measures have actually been used in evaluating the ITG performance in their organizations. The results of this study suggest that Saudi organizations should achieve better governance of their IT in order to ensure that an organization’s IT strategy is aligned with and supports the overall organization’s strategy-- that IT supports the organization’s ability to exploit opportunities and maximize benefits. The results also suggest that Saudi organizations should use their IT resources more responsibly and manage their IT-related risks appropriately in order to champion the IT development for the success of their businesses.El objetivo de este estudio es examinar el desempeño actual de la Junta de Gobernanza sobre Tecnología de la Información (JGTI) en las organizaciones de Arabia Saudi, usando un modelo de puntuación equilibrada introducido por el instituto ITG (ITG,2005). Se llevó a cabo una encuesta empírica para conseguir esto. Se distribuyeron de forma aleatoria quinientos cuestionarios, a una muestra representativa de organizaciones de Arabia Saudi, y el porcentaje de respuesta fue de 29’5%. Los resultados de este estudio revelan que la gran mayoría de los encuestados informaron sobre la importancia de las medidas de actuación del ITG. La mayoría de ellos reportaron que se había medido, pero un pequeño número creía que dichas medidas habían sido utilizadas, en realidad, para evaluar la actuación del ITG en sus organizaciones. Este estudio sugiere, según sus resultados, que dichas organizaciones deberían de conseguir una mejor dirección de sus tecnologías, para asegurar que la estrategia tecnológica de la organización se adapta, y apoya la estrategia general de la misma – que la tecnología apoya la habilidad de la organización para aprovechar oportunidades y maximizar beneficios. Además, los resultados también sugieren que estas organizaciones deberían de usar sus recursos tecnológicos de una forma más responsable, y dirigir sus riesgos tecnológicos apropiadamente, para luchar por el desarrollo de la tecnología para el éxito de sus negocios

The Effect Of Controlling Hyperglycemia On The Morbidity And Mortality Of Intensive Care Unit (ICU) Patients

Introduction: Hyperglycemia and insulin resistance are common in critically ill patients, even if they have not previously had diabetes, and the risk of mortality or significant morbidity is high among those who are treated in the intensive care unit (ICU) for more than 5 days. Objective: To assess the effect of glucose management protocol on mortality and morbidity in a heterogeneous population of critically ill adult patients. Design: A randomized controlled trial. Setting: A 24-bed medical-surgical intensive care unit (ICU) for adult patients at King Hussein Medical Center, the Royal Medical Services. Methods: A total of 50 patients who were considered to need intensive care for at least three days, were randomly assigned into two groups. The intervention group subjects were to undergo a glucose control protocol with insulin infusion titrated to maintain blood glucose level in a target range of 120-160 mg/dL; except septic patients, in whom the target was higher, 160- 180 mg/dL. Patients in the second group (control group) were treated by a conventional approach with reduction of blood glucose level only if the level was markedly elevated (>200 mg/dL) to maintain blood glucose level in a target range of 180-200 mg/dL. Results: After adjustment for baseline characteristics the 2 groups of patients were well matched, for age, sex, prevalence of diabetes mellitus, HbA1c value and distribution of diagnoses; the only significant difference was in the percentage of cardiovascular dysfunction, which was higher in the intervention group (p=0.047). After institution of the protocol, the mean blood glucose levels differed significantly between the two treatment groups during the study period (143.70±12.78 mg/dL in the intervention group versus 175.56±14.07 mg/dL in the control group (p<0.001). And patients in the intervention group received a larger mean insulin dose 28.32 ±16.38 units per day, vs. 14.60±12.26 in the control group (p=0.001). The difference in mortality between the two treatment groups was not significant at 28 days (p=0.370) and at 60 days (p=0.555). No significant increase in hypoglycemia episodes was reported in our blood glucose level target. Conclusion: The glucose management protocol resulted in significantly improved glycemic control and was not associated with increased rate of death or hypoglycemia

Designing An Intervention Program To Control Glucose Level In Intensive Care Unit (ICU) In King Hussein Medical Center, Royal Medical Services

Controlling blood glucose level in ICU is one of the main priorities in ICU to decrease mortality rates and morbidity rates and to decrease the healthcare cost. The main objective of the present study is design and implement an intervention protocol in ICU. The method involved a suggested intervention protocol which was applied for 25 ICU patients and their findings were compared with 25 ICU patients in control group. Study findings showed that the intervention protocol was able to reduce mortality rates, positive blood cultures, decreased morning glucose level in the intervention group compared with control group. As a conclusion, controlling blood glucose level in ICU is considered an appropriate approach and leads to better outcome of the patients

Optimisation of silicone-based dielectric elastomer transducers by means of block copolymers – synthesis and compounding

Emerging artificial muscle technology has developed from metal-based robotics to softtype robotics made from soft matter. Research into artificial muscle technology based on soft matter has been conducted mainly in order to mimic soft and robust human muscle. In this regard, dielectric elastomers have been studied. Their actuation occurs when Maxwell stress exceeds elastic stress in the presence of an electrical field, resulting in contraction in thickness and planar expansion in the area. As well as an actuator, dielectric elastomers can be used as generators and sensors. As a dielectric elastomer, silicones have been used extensively in many applications, due to favourable properties such as thermal stability, non-conductivity, high gas permeability and low toxicity. However, silicones have a low dielectric constant and thereby low energy density. In order to enhance actuation performance, it is the aim of this research to develop silicone elastomers with a high dielectric constant and high electrical breakdown strength, as well as a low Young’s modulus. In this Ph.D. thesis, two methods were developed to enhance silicone properties such as the dielectric constant and electrical breakdown strength. The first method was devised to enhance the dielectric constant of silicone elastomers through the use of a polydimethylsiloxane-polyethyleneglycol (PDMS-PEG) copolymer, in order to obtain an elastomer with high electrical energy. PDMS-PEG copolymers were synthesised and blended in commercial silicone and subsequently cross-linked. The relative permittivity of cross-linked silicone with 5 wt% of PDMS-PEG copolymers increased by nearly 50%, without compromising dielectric loss and mechanical properties, compared to the commercial silicone elastomer. The second investigated method involved enhancing the electrical breakdown strength of silicone by using an aromatic voltage stabiliser. Here, polyphenylmethylsiloxane (PPMS), which contained aromatic voltage stabilisers, was bonded covalently to PDMS through a hydrosilylation reaction obtaining PDMS-PPMS copolymers. The synthesised copolymers were subsequently cross-linked with a vinyl cross-linker. The obtained cross-linked PDMS-PPMS copolymers were inherently soft and robust with increased electrical breakdown strength (21%) compared to the reference elastomer without an aromatic voltage stabiliser. The conducting polymer was developed through the use of a multi-walled carbon nanotube (MWCNT) in a PDMS-PEG matrix as a compliant electrode of dielectric elastomers. The conductive PDMS-PEG copolymer was incorporated with surface-treated MWCNT, in order to obtain highly conductive elastomer. The prepared sample with 4 parts per hundred rubber (phr) MWCNT was soft and the resulting conductivity of the cross-linked PDMS-PEG copolymer with the addition of MWCNT was high, at 10-2 S cm-1, nearly equivalent to a commonly used commercial conducting polymer. In this thesis, the elastomer and electrode system is referred to as a ‘dielectrielastome

Effects of modern instructional technology (MIT) on critical thinking skills of students in agriculture vocational courses in Nigeria

The recent development in modern instruction technology (MIT) methods and equipment warranted for studies to examine their effects on students, teachers, and the education system in general. This study examines the effects of MIT on students’ critical thinking skills in Agriculture vocational courses in Nigeria. The methods and equipment used were identified, and the effect of teachers’ usage behaviour was assessed. A survey approach was adopted, using questionnaires for data collection. The descriptive, correlations and multiple regressions were carried out using SPSS. The result of this study indicates that the most commonly used equipment is electronic whiteboard, while the least are electronic tablets and laptops. Cooperative learning is the most commonly used methods while games and online instruction are the least. There is a moderate positive correlation between MIT methods and the students’ critical thinking skill, but a very weak positive correlation between MIT equipment and students’ critical thinking skill. There is statistically significant contribution of methods to student’s critical thinking, but insignificant method usage behaviour. Therefore, it is concluded that government should incorporate the provision and effective utilisation of MIT equipment and methods in the national education policy. School managements should emphasise the use of MIT methods and review curriculum to improve teachers’ skills in MIT usage. Teachers should utilise the available MIT equipment and method along with their skills for an effective delivery of lessons. Similarly, the students should be encouraged to appreciate the available methods and the equipment, and use them effectively