RISK BASED INFORMATION SYSTEM AUDIT: A LITERATURE REVIEW AND ITS IMPLICATIONS IN ACCOUNTING
Keywords:
Audit risk, information system audit, INFORMATION TECHNOLOGY-BASED, INTERNAL CONTROLAbstract
This study analyzes the concept of Risk Based Information System Auditing (RBISA) and its relevance in the accounting profession. In line with the rapid growth of digital technology and the widespread use of automated accounting systems, organizations require more flexible and risk focused auditing approaches. Based on prior research and recognized frameworks such as COBIT, ITAF, and COSO, this paper evaluates how a risk based audit approach improves the effectiveness, accuracy, and trustworthiness of financial information systems. It explains the fundamental components of RBISA, including risk identification, risk evaluation, control examination, and audit reporting, and discusses its contribution to enhancing internal control systems, increasing audit productivity, and promoting proactive risk mitigation. Additionally, the study addresses the use of technological advancements such as data analytics and automated audit documentation, which enhance audit performance while simultaneously demanding higher technical competencies from auditors. The results indicate that implementing RBISA supports stronger corporate governance, greater financial accountability, and better compliance with regulatory requirements. Overall, this paper emphasizes the necessity of combining risk oriented and technology based auditing strategies in contemporary accounting practices to strengthen organizational accountability and long term resilience.
References
Alzeban, A., & Gwilliam, D. (2014). Factors affecting the internal audit effectiveness: A survey of the Saudi public sector. Journal of International Accounting, Auditing and Taxation, 23(2), 74–86. https://doi.org/10.1016/j.intaccaudtax.2014.06.001
Arena, M., & Azzone, G. (2009). Identifying organizational drivers of internal audit effectiveness. International Journal of Auditing, 13(1), 43–60. https://doi.org/10.1111/j.1099-1123.2008.00392.x
Bierstaker, J., Janvrin, D., & Lowe, D. J. (2014). What factors influence auditors’ use of computer-assisted audit techniques? Advances in Accounting, 30(1), 67–74. https://doi.org/10.1016/j.adiac.2013.12.005
International Federation of Accountants. (2018). International standards on auditing (ISAs). IFAC.
ISACA. (2020). COBIT 2019 framework: Governance and management objectives. ISACA.
Kuhn, J. R., & Sutton, S. G. (2010). Continuous auditing in ERP system environments: The current state and future directions. Journal of Information Systems, 24(1), 91–112. https://doi.org/10.2308/jis.2010.24.1.91
Lenz, R., Sarens, G., & D’Silva, K. (2014). Probing the discriminatory power of characteristics of internal audit functions: Empirical evidence. International Journal of Auditing, 18(2), 126–138. https://doi.org/10.1111/ijau.12016
Moeller, R. R. (2016). Brink’s modern internal auditing: A common body of knowledge (8th ed.). Wiley.
Sari, R. N., & Nugroho, M. (2022). The role of information technology in risk-based auditing: A literature review. Asian Journal of Accounting Research, 7(3), 245–260. https://doi.org/10.1108/AJAR-10-2021-0204
Spraakman, G., O’Grady, W., Askarany, D., & Akroyd, C. (2015). ERP systems and management accounting: New understandings through “nudging” in research. Journal of Accounting & Organizational Change, 11(1), 63–88. https://doi.org/10.1108/JAOC-06-2013-0040
Vasarhelyi, M. A., Alles, M. G., & Kogan, A. (2012). Principles of analytic monitoring for continuous assurance. Journal of Emerging Technologies in Accounting, 9(1), 1–21. https://doi.org/10.2308/jeta-50159
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 MIA ARISTYA PUTRI
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
