Risk-Based Information System Audit: A Literature Review and Its Implications in Accounting
DOI:
https://doi.org/10.63822/zknzvm95Keywords:
Risk-Based Information System , Accounting, Literature ReviewAbstract
This paper examines the concept of Risk-Based Information System Auditing (RBISA) and its implications within the field of accounting. As organizations increasingly rely on digital technologies and automated accounting systems, the demand for more adaptive and risk-oriented audit methodologies has grown substantially. Drawing from existing literature and established frameworks such as COBIT, ITAF, and COSO, this study explores how risk-based auditing enhances the reliability, efficiency, and integrity of financial information systems. The paper highlights the core principles of RBISA (risk identification, assessment, control testing, and reporting) and emphasizes its role in strengthening internal controls, improving audit efficiency, and supporting proactive risk management. Moreover, it discusses how technological tools such as data analytics and automated audit trails improve audit quality while also introducing new skill requirements for auditors. The findings suggest that RBISA contributes to improved governance, financial transparency, and compliance with regulatory standards. Ultimately, this study underscores the importance of integrating risk-based and technology-driven auditing approaches in modern accounting practices to enhance accountability and organizational resilience.
References
Alzeban, A., & Gwilliam, D. (2014). Factors affecting the internal audit effectiveness: A survey of the Saudi public sector. Journal of International Accounting, Auditing and Taxation, 23(2), 74–86.
Arena, M., & Azzone, G. (2009). Identifying organizational drivers of internal audit effectiveness. International Journal of Auditing, 13(1), 43–60.
Bierstaker, J., Janvrin, D., & Lowe, D. J. (2014). What factors influence auditors’ use of computer-assisted audit techniques? Advances in Accounting, 30(1), 67–74.
ISACA. (2020). COBIT 2019 Framework: Governance and Management Objectives. Information Systems Audit and Control Association.
International Federation of Accountants (IFAC). (2018). International Standards on Auditing (ISAs). IFAC.
Kuhn, J. R., & Sutton, S. G. (2010). Continuous auditing in ERP system environments: The current state and future directions. Journal of Information Systems, 24(1), 91–112.
Lenz, R., Sarens, G., & D’Silva, K. (2014). Probing the discriminatory power of characteristics of internal audit functions: Empirical evidence. International Journal of Auditing, 18(2), 126–138. https://doi.org/10.1111/ijau.12016
Moeller, R. R. (2016). Brink’s Modern Internal Auditing: A Common Body of Knowledge (8th ed.). Wiley.
Sari, R. N., & Nugroho, M. (2022). The role of information technology in risk-based auditing: A literature review. Asian Journal of Accounting Research, 7(3), 245–260.
Spraakman, G., O’Grady, W., Askarany, D., & Akroyd, C. (2015). ERP systems and management accounting: New understandings through “nudging” in research. Journal of Accounting & Organizational Change, 11(1), 63–88.
Vasarhelyi, M. A., Alles, M. G., & Kogan, A. (2012). Principles of analytic monitoring for continuous assurance. Journal of Emerging Technologies in Accounting, 9(1), 1–21.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Alexandro Munthe, Cherin Mahulae, Iskandar Muda (Author)
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
