https://www.iitasa.org.ir/ Journal of Information System and Technology Auditing en daily 1 Tue, 23 Sep 2025 00:00:00 +0330 Tue, 23 Sep 2025 00:00:00 +0330 https://www.iitasa.org.ir/article_236124.html The COBIT framework is a framework for governance and management of information and technology that targets the entire organization. The main objective of this study is to examine the impact of root, enabling, and strategic organizational factors on key operational and mediating factors in the COBIT framework in Iran. This study is a structural equation modeling study, the population of this study is all employees of auditing firms and the sample size is 384 people. The data collection tool is a questionnaire, and SmartPLS and SPSS software were used for data analysis. The findings indicate that independent variables, such as root organizational factors including goals, culture, structure, and values, have a positive and significant impact on the enabling and strategic variables of the COBIT framework, such as organizational commitment, communication, training, and strategies. Furthermore, enabling and strategic factors positively and significantly influence the key operational factors of the COBIT framework, like organizational IT. Customer orientation enhances these relationships, while dynamic organizational adaptability reduces them. It can be concluded that a correct understanding and management of organizational factors, particularly concerning values and customer orientation, are crucial for achieving the objectives of the COBIT framework and improving IT effectiveness in Iranian auditing firms. This research provides a foundation for a deeper exploration into the role of different versions of the COBIT framework within Iranian auditing institutions. It also highlights the necessity for a more precise analysis of organizational factors beyond customer orientation, especially concerning the challenges of dynamic adaptability. https://www.iitasa.org.ir/article_241507.html The rapid advancement of information technology (IT) and the growing complexity of organizational data have significantly transformed the field of IT governance and auditing. Traditional auditing approaches often struggle to cope with the volume, variety, and velocity of digital information, resulting in challenges for transparency, risk assessment, and value creation. This paper presents a conceptual study that integrates theories of Resource Dependence (RDT) and Legitimacy to propose a multi-layered framework for IT audit governance supported by artificial intelligence (AI) and machine learning (ML) techniques. The proposed model incorporates eight layers, including infrastructure, data, preprocessing, application, AI/ML analytics, reporting, governance, and a cross-cutting security layer, highlighting how advanced analytical tools can enhance transparency, strengthen stakeholder trust, and support sustainable value creation. By synthesizing existing literature and extending theoretical insights, this study not only offers a comprehensive conceptual framework but also outlines directions for future empirical research and practical applications in IT audit governance. https://www.iitasa.org.ir/article_240947.html The rapid advancement of large language models (LLMs) has drawn increasing attention from accounting education researchers to their performance on specialized questions and potential implications for learning and assessment. This study aims to evaluate and compare the performance of six LLMs (ChatGPT, Gemini, Perplexity, Grok, DeepSeek, and Qwen) on the Iranian PhD Accounting Examination and to assess their potential as educational support tools. The dataset comprises 300 official multiple-choice questions from three subjects (Auditing, Management Accounting, and Accounting Theory) administered between 2021 and 2025. Responses generated by each model were coded dichotomously (correct/incorrect) and evaluated against two reference levels, 0.25 (random performance) and 0.50 (minimum acceptable threshold), using one-sample proportion tests, with 95% confidence intervals reported for model accuracies. Cochran’s Q test was employed to compare relative performance across models. Results indicated that all models performed significantly above both reference levels. Although Gemini achieved the highest and Qwen the lowest correct-response rates, Cochran’s Q revealed no statistically significant differences in overall performance. Importantly, results are interpreted within an open-book scenario, and given the potential for data leakage and the multiple-choice nature of the questions, findings should not be construed as evidence of deep conceptual understanding or independent reasoning. Overall, the findings suggest that LLMs, even without advanced tuning or specialized training, possess substantial capacity for producing correct responses in standard accounting examinations and may serve as complementary tools in accounting education and assessment design. https://www.iitasa.org.ir/article_241981.html With the increasing use of information systems and the growing volume and diversity of system data, information technology audit faces new challenges in identifying abnormal and high-risk behaviors. Traditional audit methods, which are mainly based on manual inspections and static rules, have limited capability in detecting complex and non-linear patterns in today''s data. In this research, the anomaly detection problem in information technology audit is modeled as a binary classification task, and a data-driven approach based on machine learning is proposed to identify and prioritize high-risk cases. In the proposed method, transaction, customer, and merchant data are integrated, and after structured preprocessing, audit-oriented features are extracted, including temporal patterns, cross-system discrepancy indicators, and deviations from normal customer behavior. This study uses the public "IEEE-CIS Fraud Detection" dataset, consisting of 1000 transactions with 25 features. The features include raw transaction and customer data, as well as indicators extracted based on an audit approach such as temporal patterns and deviations from normal behavior. Due to the limitation of actual anomaly labels, a pseudo-labeling mechanism based on audit rules and risk scoring is designed and used as the target variable for training the random forest model. The model output is a probability score that enables ranking transactions and extracting prioritized high-risk cases. Experimental results show that the proposed method achieves 97% accuracy, 85% precision, 93% recall, and 89% F1-score on the test set, and can be used as an effective decision support tool for information technology audit. https://www.iitasa.org.ir/article_241790.html In today's technology-dependent economic environment, understanding the evolution of IT auditing is essential not only for operational efficiency, but also for securing IT systems and effectively managing risks. As IT auditing has now expanded beyond traditional assessments, it plays a pivotal role in improving audit practices, ensuring compliance with laws and standards, enhancing cybersecurity, reducing business risks, and facilitating informed decision-making in the digital transformation space. In the digital age, IT risk governance and management is critical for organizations across sectors, as IT risks can significantly impact operational sustainability, data security, and organizational reputation. This study provides a comprehensive analysis of the evolution of IT auditing and the key drivers of this evolution in the dynamic environment of digital transformations, through a literature review. It also explains the different definitions of IT governance and its key dimensions, explains the two common IT governance frameworks, COBIT and ITIL, and analyzes the advantages and disadvantages of each framework. Analyzing the strengths and weaknesses of these frameworks helps organizations adopt an approach aligned with the organization's strategic goals. With this understanding, organizations can increase their ability to manage IT systems, effectively achieve business goals, and secure their competitive advantage in dynamic markets. https://www.iitasa.org.ir/article_240304.html The aim of this study is to design a model for the implementation of a national cryptocurrency in Iran using a grounded theory approach. The research is exploratory–developmental in nature and seeks to identify and explain the key components influencing the establishment of a national cryptocurrency. Primary data were collected through in-depth interviews with 14 experts actively involved in the cryptocurrency domain who possessed direct practical experience. The extracted components were analyzed through a systematic coding process, and to enhance validity, the classical Delphi method was employed to confirm these components with independent experts. Subsequently, based on data gathered through a researcher-designed questionnaire administered to the target population, the paradigmatic model of the study was developed. The findings indicate that the causal conditions for implementing a national cryptocurrency include decentralization, higher security compared to conventional forms of money, increased transaction transparency, greater speed and ease of exchange, portability, and higher durability. The core category of the study encompasses the national cryptocurrency, blockchain technology as the underlying infrastructure, and smart contracts. The proposed strategies and actions for successful implementation involve the development of hardware, software, legal, and socio-cultural infrastructures. The implementation of a national cryptocurrency leads to several consequences, including the elimination of financial intermediaries, enhanced transparency and security of financial assets, inflation control, reduced financial costs, facilitation of international transactions under sanction conditions, and environmental impacts. The results underscore the macroeconomic importance of implementing a national cryptocurrency, while identifying high energy consumption and environmental consequences as the most significant challenge. https://www.iitasa.org.ir/article_241660.html Despite the severity and growing pervasiveness of cyber threats, the uptake of cyber insurance in Iran remains sluggish. This applied study adopts a systemic perspective to identify the main barriers to adoption and map their causal interrelationships. The research employs a mixed-methods design. A systematic literature review initially yielded fifteen potential barriers, which were subsequently reduced to ten key obstacles through a Delphi panel of experts. In the quantitative phase, the classical DEMATEL method and pairwise expert judgments were used to compute influence indices and construct a causal network. The findings reveal that the sufficiency and quality of incident and loss data constitute the core of the barrier network and are strongly shaped by upstream factors such as the level of institutional and governmental engagement, the capacity of the reinsurance market, clarity around coverage boundaries, especially regarding war and governmental actions, and inconsistencies in regulations and standards. Two context-specific barriers, namely the perceived risk of information disclosure and sanctions-related constraints on technical and reinsurance access, further differentiate the Iranian market and amplify behavioral and operational frictions on both the insurer and insured sides. Building on the feedback-rich causal map, the study proposes a policy package centered on controlled data sharing and greater transparency, regulatory and standard alignment, and enhanced financial and reinsurance capacity, alongside redesigned coverages, closer alignment with defensive controls, and improved post-incident services to strengthen trust and foster wider adoption of cyber insurance. https://www.iitasa.org.ir/article_234755.html Today, the most impactful technologies in the enterprise toolkit include artificial intelligence, automation, cloud applications, infrastructure, cybersecurity defense, and analytics. Together, these critical mechanisms enable companies to thrive in the most competitive business landscape in history and meet the expectations of an increasingly demanding customer base. While these technologies may appear very different on the surface and pursue unique goals, there is a common factor that unites them all: data. Data, in particular, influences operational and strategic decisions. How this data is governed has also become increasingly important, and it is considered a valuable asset. Data governance is a broad concept that encompasses the management of data assets in an organization. It encompasses aspects such as availability, integrity, security, decision-making rights, responsibilities, policies, processes, and technologies. In this review study, an attempt has been made to present a practical perspective on data governance research topics and approaches used for data governance and to provide useful insights for data governance by IT auditing. https://www.iitasa.org.ir/article_237158.html The aim of this study is to investigate the effect of digital financing on sustainability factors, financial performance and green innovation. This study is applied in terms of its nature and purpose, and is descriptive and correlational in terms of its analysis method, and quantitative and field research in terms of its data collection. The statistical population of the present study is all accountants and auditors in the country who are studying and working in 2025, and the statistical sample is 384 people and the data collection tool is a questionnaire. The results showed that digital financing has a positive and significant effect on sustainability factors, financial performance and green innovation of organizations. Considering the importance of sustainable factors in the economy, especially its financial dimensions and the problems of measuring financial and non-financial information, as well as the lack of a reference for evaluating companies in terms of the level of disclosure of environmental, social and corporate factors in Iran, and the novelty of the subject of digital financing, the effect of digital financing on sustainability factors, financial performance and green innovation was investigated; On the one hand, the current challenge has moved towards sustainability factors and green innovation, and on the other hand, a simultaneous examination of these factors and their impact on digital financing has not yet been carried out. https://www.iitasa.org.ir/article_241976.html Recent technological advances in the field of big data have created new opportunities for enhancing forensic accounting and auditing processes. Big data - characterized by high volume, velocity, and variety - enables professionals to perform more sophisticated analyses that support effective decision making in these areas. This study provides a descriptive study of reputable academic sources to review the impact of big data analytics on forensic accounting and auditing. The findings demonstrate that big data analytics can improve the efficiency of forensic accounting and auditing procedures, mitigate risks, and play a pivotal role in the detection and prevention of fraud. Moreover, big data tools have accelerated data analysis and facilitated the identification of hidden patterns. Applying these analytics has rendered auditing and forensic accounting processes faster, more accurate, and of higher quality. The use of big data in these two domains not only enhance the speed and the quality of process but also decision making in auditing and fraud detection. In particular, leveraging advanced data analytics tools has enabled the prediction of financial threats and the detection of anomalous patterns. https://www.iitasa.org.ir/article_240949.html In recent years, with the emergence and expansion of new technologies such as artificial intelligence and their increasing use in professional activities, significant concerns have arisen among accountants regarding the decline of professional judgment and the potential replacement of human roles by artificial intelligence. The purpose of the present study is to examine the effect of concerns stemming from the erosion of professional judgment due to the use of artificial intelligence on accountants’ perceived threat of job replacement. To this end, data were collected from 186 practicing accountants in the country using a convenience sampling method. The findings indicate that the independent variable explains 54 percent of the variance in perceived job replacement threat. The results further suggest that accountants who perceive artificial intelligence as a threat to their professional judgment experience higher levels of job insecurity and greater concern about being replaced by intelligent technologies. These findings highlight the importance of addressing the psychological and professional dimensions of artificial intelligence’s impact on the accounting profession and suggest that organizations, professional bodies, and educational institutions should develop appropriate supportive and educational strategies to facilitate constructive interaction between accountants and emerging technologies, thereby preserving the role of professional judgment in the era of intelligent technologies. https://www.iitasa.org.ir/article_241975.html With the expansion of digital technologies, Information Technology (IT) auditing has become a core pillar of financial oversight and internal control within organizations. The rapid development of Big Data, digital financial systems, electronic banking, and blockchain technology has introduced new levels of complexity and significant challenges for traditional auditing approaches. In this context, Artificial Intelligence (AI) and Machine Learning (ML) have emerged as transformative technologies, playing a critical role in enhancing audit accuracy, reducing human error, and optimizing auditing processes. This study adopts a review-based approach and employs a systematic literature review methodology to examine the applications of artificial intelligence in IT auditing, along with its benefits, challenges, and future prospects. Data were collected from reputable international academic sources and analyzed using qualitative analysis techniques. Accordingly, various machine learning models, Natural Language Processing (NLP) methods, and Big Data analytics techniques were comparatively evaluated to assess their effectiveness in auditing processes. The findings indicate that machine learning algorithms significantly outperform traditional auditing methods in fraud detection, financial pattern analysis, risk assessment, and financial report processing. Moreover, NLP enables the rapid and accurate analysis of financial documents, while Big Data analytics facilitates the identification of financial anomalies across large and complex datasets. Despite these advantages, the widespread implementation of AI-based auditing systems faces several challenges, including high implementation costs, technical complexity, legal constraints, ethical concerns, and the need for specialized training of auditors. These barriers remain critical factors limiting the large-scale adoption of artificial intelligence in IT auditing practices. https://www.iitasa.org.ir/article_228291.html With the expansion of modern technologies and the growing role of data in financial decision-making, equipping accounting students with data analytics skills has become a key requirement in updated curricula. This study aims to identify and analyze the perspectives of accounting faculty members at Iranian universities regarding the necessity, approach, and challenges of incorporating a “Data Analytics” course into the accounting curriculum. This research is applied in nature and follows a descriptive-survey method. The statistical population includes accounting faculty members at universities across the country during the 2024–2025 academic year, selected through purposive sampling. Data were collected using a researcher-designed questionnaire based on a literature review and previous studies, and were analyzed using descriptive and interpretive methods. Findings indicate that faculty members have low awareness and proficiency in the field of data analytics; translated and practice-based resources are prioritized for teaching; and major implementation challenges include a shortage of specialized instructors, weak technical infrastructure, and lack of institutional policy-making. Furthermore, the master’s level and offering the course either as a standalone subject or integrated with information systems were identified as the most suitable formats. Effective implementation of this course requires a holistic approach involving faculty development, infrastructure improvement, and curriculum restructuring. https://www.iitasa.org.ir/article_243261.html The auditing profession is undergoing a fundamental transformation in the digital age, driven by emerging technologies such as artificial intelligence and robotic process automation. This study aims to analyze the impact of these technologies on the efficiency, effectiveness, human resource structure, and competitive gap within auditing firms in Iran, employing a mixed-methods (qualitative-quantitative) approach. In the qualitative phase, 14 semi-structured interviews with experts were conducted to identify the key dimensions of technological impact and extract a preliminary conceptual model. In the quantitative phase, data collected from 300 valid questionnaires completed by auditors in large, medium, and small firms analyzed using covariance-based structural equation modeling in Amos software. The findings revealed that emerging technologies significantly enhance audit process efficiency by automating repetitive tasks. Furthermore, these technologies improve decision-making effectiveness and professional judgment quality by facilitating the analysis of complex data. Additionally, technology implementation has led to a reduction in low-level staff and a significant increase in demand for auditors with IT and data analytics skills. The environmental factor of client digitalization level was identified as the most decisive determinant of technology adoption by audit firms. The overall conclusion suggests that emerging technologies are transforming auditing into a data-driven and technology-based profession. While this transformation brings challenges such as a widening competitive gap between firms, the need for extensive retraining, and new ethical considerations, it also creates unparalleled opportunities for enhancing the quality, transparency, and efficiency of audit services.