文化大學機構典藏 CCUR:Item 987654321/26860
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 47145/51011 (92%)
Visitors : 13877876      Online Users : 311
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://irlib.pccu.edu.tw/handle/987654321/26860


    Title: Combining Decision Making Trial and Evaluation Laboratory with Analytic Network Process to Perform an Investigation of Information Technology Auditing and Risk Control in an Enterprise Resource Planning Environment
    Authors: Tsai, WH (Tsai, Wen-Hsien)
    Chou, YW (Chou, Yu-Wei)
    Lee, KC (Lee, Kuen-Chang)
    Lin, WR (Lin, Wan-Rung)
    Hwang, ETY (Hwang, Elliott T.Y.)
    Contributors: Dept Banking & Finance
    Keywords: information technology auditing;;
    risk control
    internal control
    enterprise resource planning (ERP)
    decision making trial and evaluation laboratory (DEMATEL)
    analytic network process (ANP)
    Date: 2013-03
    Issue Date: 2014-02-27 13:10:14 (UTC+8)
    Abstract: The research examined different types of risk through interviews with experts. The risks studied include business interruption risk, process interdependency risk and system security risk. The decision making trial and evaluation laboratory is used to find the relationship among risks and combined with the analytic network process to select the optimal measures for reducing risks. The results indicate that information technology (IT) consultants prefer the Disaster Recovery Plan (DRP). They usually use the remote replication or High Availability (HA) to protect data. IT personnel believe that all of the IT risk controls are important. Auditors indicate that data access control is very important because users have to execute data access every day. Users of IT express a preference towards data input/output control as the most important control. The results achieved from all experts indicate that the most important controls overall are data input/output control, data access control and so on. Managers need to consider these risks to avoid any potential problems. Copyright (c) 2012 John Wiley & Sons, Ltd.
    Relation: SYSTEMS RESEARCH AND BEHAVIORAL SCIENCE Volume: 30 Issue: 2 Pages: 176-193
    Appears in Collections:[Department of Banking & Finance ] periodical articles

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML591View/Open


    View Licence

    All items in CCUR are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback