Data Governance and Information Technology Audit

Khazen, Atena

doi:10.22034/jista.2025.503163.1002

Data Governance and Information Technology Audit

Document Type : Review

Author

Atena Khazen

Faculty of Accounting and Financial Sciences, Tehran University, Tehran, Iran

10.22034/jista.2025.503163.1002

Abstract

Today, the most impactful technologies in the enterprise toolkit include artificial intelligence, automation, cloud applications, infrastructure, cybersecurity defense, and analytics. Together, these critical mechanisms enable companies to thrive in the most competitive business landscape in history and meet the expectations of an increasingly demanding customer base. While these technologies may appear very different on the surface and pursue unique goals, there is a common factor that unites them all: data. Data, in particular, influences operational and strategic decisions. How this data is governed has also become increasingly important, and it is considered a valuable asset. Data governance is a broad concept that encompasses the management of data assets in an organization. It encompasses aspects such as availability, integrity, security, decision-making rights, responsibilities, policies, processes, and technologies. In this review study, an attempt has been made to present a practical perspective on data governance research topics and approaches used for data governance and to provide useful insights for data governance by IT auditing.

Keywords

Data

Data Governance

Information Technology Audit

Appelbaum, D., Kogan, A., Vasarhelyi, M.A. (2017). Big data and analytics in the modern audit engagement: Research needs. Auditing: A Journal of Practice & Theory, 36(4), 1–27. https://doi.org/10.2308/ajpt-51684

Bourgeois, B. (2024). Data governance — Definition, tools, framework. Profisee. https://profisee.com/data-governance-what-why-how-who/#tab5

Bližnák, K., Munk, M., & Pilková, A. (2024). A systematic review of recent literature on data governance (2017-2023). IEEE Access, 875-888. https://creativecommons.org/licenses/by/4.0/

Cheong, L. K., & Chang, V. (2007). The need for data governance: A case study. In Proceedings of the 18th Australasian Conference on Information Systems (pp. 999–1008). Toowoomba, Australia. https://aisel.aisnet.org/acis2007/100

Davidson, E., Wessel, L., Winter, J. S., & Winter, S. (2023). Future directions for scholarship on data governance, digital innovation and grand challenges. Information & Organization, 33(1). 1- 23 https://doi.org/10.1016/j.infoandorg.2023.100454

Gantz, S. D. (2024). Fundamentals of IT auditing (1st ed.; N. Rahimian & R. Rezapour, Trans.). Anvarellahi Publications. (in Persian)

Gepp, A., Linnenluecke, M.K., O’Neill, T.J., & Smith, T. (2018). Big data techniques in auditing research and practice: Current trends and future opportunities. Journal of Accounting Literature, 40, 102–115. https://dx.doi.org/10.2139/ssrn.2930767

American Institute of Certified Public Accountants, Auditing Standards Board. (2001, December). Statement on Auditing Standards No. 95. New York, NY: Author. https://www.fasb.org/page/PageContent?pageId=/reference-library/superseded-standards/summary-of-statement-no-95.html&bcpath=tff

Hagmann, J. (2013). Information governance – Beyond the buzz. Records Management Journal, 23, 228–240. http://dx.doi.org/10.1108/RMJ-04-2013-0008

Han, H., Shiwakoti, R.K., Jarvis, R., Mordi, C., & Botchie, D. (2023). Accounting and auditing with blockchain technology and artificial Intelligence: A literature review. International Journal of Accounting Information Systems, 48, Article 100598, 1-16. https://doi.org/10.1016/j.accinf.2022.100598

Hasan, A.R. (2021). Artificial Intelligence (AI) in accounting & auditing: A literature review. Open Journal of Business and Management, 10, 440– 465. https://doi.org/10.4236/ojbm.2022.101026

Holt, V., Ramage, M., Kear, K., & Heap, N. (2015). The usage of best practices and procedures in the database community. Information Systems, 49, 163–181. https://oro.open.ac.uk/41622/3/Best_Practices_081214.pdf

Huang, F., Vasarhelyi, M.A. (2019). Applying robotic process automation (RPA) in auditing: A framework. International Journal of Accounting Information Systems, 35, Article 100433, 90-115. https://doi.org/10.1016/j.accinf.2019.100433

Cabinet Office. (2011). ITIL 2011 glossary and abbreviations (GB v1.0). London, United Kingdom: Author. https://htmlscript.auburn.edu/oit/ITILV3_Glossary.pdf

Khatri, V., & Brown, C. V. (2010). Designing data governance. Communications of the ACM, 53(1), 148-152. https://dl.acm.org/doi/pdf/10.1145/1629175.1629210

Ladley, J. (2019). Data governance: How to design, deploy, and sustain an effective data governance program. Academic Press. https://www.amazon.com/Data-Governance-Effective-Kaufmann-Intelligence/dp/0124158293

Lamboglia, R., Lavorato, D., Scornavacca, E., & Za, S. (2021). Exploring the relationship between audit and technology. A bibliometric analysis. Meditari Accountancy Research, 29, 1233–1260. https://doi.org/10.1108/MEDAR-03-2020-0836

Omoteso, K. (2012). The application of artificial intelligence in auditing: Looking back to the future. Expert Systems with Applications, 39, 8490– 8495. doi:10.1016/j.eswa.2012.01.098

Otto, B. (2011). Organizing data governance: Findings from the telecommunications industry and consequences for large service providers. Communications of the Association for Information Systems, 29(3), 45–66. Retrieved from http://aisel.aisnet.org/cais/vol29/iss1/3

Pierce, E., Dismute W., & Yonke C. (2008). Industry report: The state of information and data governance: Understanding how organisations govern their information and data assets. Baltimore, MD: International Association for Information and Data Quality, 1-55. https://www.iqpc.com/media/6972/2186.pdf

Rabii, H., Drissi, H., & Gacim, A. (2023). The Contribution Of It Audit To Data Governance. Journal of Namibian Studies, 36, 539-551. https://openurl.ebsco.com/EPDB%3Agcd%3A4%3A2274244/detailv2?sid=ebsco%3Aplink%3Ascholar&id=ebsco%3Agcd%3A173426557&crl=c&link_origin=scholar.google.com

Salijeni, G., Samsonova-Taddei, A., & Turley, S. (2019). Big data and changes in audit technology: contemplating a research agenda. Accounting and Business Research, 49, 95–119. https://ssrn.com/abstract=3148904

Sun, T. (2019). Applying deep learning to audit procedures: An illustrative framework. Accounting Horizons, 33, 89–109. https://doi.org/10.2308/acch-52455

Tallon, P. P., Ramirez, R. V., & Short, J. E. (2013). The information artifact in IT governance: Toward a theory of information governance. Journal of Management Information Systems, 30, 141–178. http://dx.doi.org/10.2753/MIS0742-1222300306

Thomas, G. (2006). Alpha males and data disasters: the case for data governance. Brass Cannon Press. 1-222. https://www.amazon.com/-/es/Gwen-Thomas/dp/B001RB5G78

Varshney, S. (2023). Data Governance: What, Why, Who & How. A practical guide with examples. OVALEDGE. 1-21. Available at: https://www.ovaledge.com/blog/what-is-data-governance

Vial, G. (2023). Data governance and digital innovation: a translational account of practitioner issues for IS research. Information and Organization, 33(1), 100450, 1-31. https://www.sciencedirect.com/science/article/pii/S1471772723000040

Weber, K., Otto, B., & Österle, H. (2009). One size does not fit all–A contingency approach to data governance. Journal of Data and Information Quality (JDIQ), 1(1), 1–27. http://doi.acm.org/10.1145/1515693.1515696

Wende, K. (2007). A model for data governance -Organising accountabilities for data quality management. Paper presented at the 18th Australasian Conference on Information Systems, Toowoomba, Australia. Retrieved from http://aisel.aisnet.org/cgi/viewcontent.cgi?article=1079&context=acis2007

Zhang, N., & Yuan, Q. (2016). An overview of data governance. Economics Paper, 1-10. https://www.researchgate.net/profile/Zhang-Ning-25/publication/321899578_An_Overview_of_Data_Governance/links/5a3867a8aca272a6ec1e8864/An-Overview-of-Data-Governance.pdf