International Journal of Contemporary Economics and Administrative Sciences
Doi
Abstract
This study examines internal audit effectiveness in cybersecurity from the perspective of internal auditors at Turkish universities. Internal audit's role in cybersecurity governance within higher education represents an emerging research area, despite the rapid rise in cyber threats. Therefore, an online questionnaire was distributed to 168 internal auditors employed by state and foundation universities in Turkey, and 52 usable responses were received (30.9% response rate). The questionnaire contained demographic questions and 27 five-point Likert-scale items relating to internal audit effectiveness in cybersecurity. Exploratory factor analysis revealed five factors that summarized the 27 cybersecurity audit effectiveness items, accounting for 78.9% of the total variance. The study also discovered some significant demographics about internal audit in relation to cybersecurity. Over 51.9% of universities reported they outsourced cybersecurity services, 80.8% of internal audit units reported that they had never identified common cyber threats, while also 44.2% of the respondents reported that cybersecurity had never been discussed at the board level. An ANOVA test was also conducted, and the findings highlighted significant differences regarding cybersecurity perceptions based upon the educational background of auditors and knowledge level of the auditors (p<0.05). This study highlights important gaps in governance in relation to cybersecurity and provides evidence for promoting internal audit capabilities for dealing with digital risk management in Turkish universities
