Collaborative organisational structures : implications for the accounting profession

The IT systems drive the financial reporting processes in modern business environments. The result is an integrative system of initialing, authorizing, recording, and processing of financial transactions. This IT-related change inextricably links to the overall financial reporting process, requiring a deeper level of understanding and commitment. Firm’s IT governance initiatives provide this commitment by enforcing controls to IT components to ensure compliance to overall financial reporting requirements. The IT governance institute (ITGI) and other authorities have developed a number of frameworks and guidelines (e.g., COBIT) to help management in managing IT-intensive processes.

Corporate governance and misappropriation

This study examines the occurrence of misappropriation-type fraud within Australian listed firms and the relation between the incidence of this type of fraud and a firm's governance strength. We measure governance strength using factors relating to traditional corporate governance, such as board composition, CEO duality, and audit committee composition, as well as factors relating to information technology governance. In our study, we use actual dollar amount of fraud reported by listed companies responding to the 2004 KPMG Fraud Survey as one of three different misappropriation measures and publicly available firm-specific data to measure the other variables in the model. Our study found that where the chief executive officer (CEO) also holds the position of chairperson of the board of directors, the likelihood of fraud increases. We also find that the greater the number of independent directors on the audit committee, the lower the level of fraud. Taken together, these results are particularly encouraging as they provide support for regulatory bodies such as the Australian Stock Exchange (ASX) and the Australian Securities and Investment Commission (ASIC), which place considerable emphasis on the importance of establishing good corporate governance practices. The study provides empirical evidence that employing good corporate governance reduces the risk of the misappropriation of assets.

A risk simulation framework for information infrastructure protection

Information communication and technology (ICT) systems are almost ubiquitous in the modern world. It is hard to identify any industry, or for that matter any part of society, that is not in some way dependent on these systems and their continued secure operation. Therefore the security of information infrastructures, both on an organisational and societal level, is of critical importance. Information security risk assessment is an essential part of ensuring that these systems are appropriately protected and positioned to deal with a rapidly changing threat environment. The complexity of these systems and their inter-dependencies however, introduces a similar complexity to the information security risk assessment task. This complexity suggests that information security risk assessment cannot, optimally, be undertaken manually. Information security risk assessment for individual components of the information infrastructure can be aided by the use of a software tool, a type of simulation, which concentrates on modelling failure rather than normal operational simulation. Avoiding the modelling of the operational system will once again reduce the level of complexity of the assessment task. The use of such a tool provides the opportunity to reuse information in many different ways by developing a repository of relevant information to aid in both risk assessment and management and governance and compliance activities. Widespread use of such a tool allows the opportunity for the risk models developed for individual information infrastructure components to be connected in order to develop a model of information security exposures across the entire information infrastructure. In this thesis conceptual and practical aspects of risk and its underlying epistemology are analysed to produce a model suitable for application to information security risk assessment. Based on this work prototype software has been developed to explore these concepts for information security risk assessment. Initial work has been carried out to investigate the use of this software for information security compliance and governance activities. Finally, an initial concept for extending the use of this approach across an information infrastructure is presented.

Business Process Data Compliance

Most approaches to business process compliance are restricted to the analysis of the structure of processes. It has been argued that full regulatory compliance requires information on not only the structure of processes but also on what the tasks in a process do. To this end Governatori and Sadiq[2007] proposed to extend business processes with semantic annotations. We propose a methodology to automatically extract one kind of such annotations; in particular the annotations related to the data schema and templates linked to the various tasks in a business process.

The Punitive Turn in Juvenile Justice: Cultures of Control and Rights of Compliance in Western Europe and the USA

Separate systems of justice for children and young people have always been beset by issues of contradiction and compromise. There is compelling evidence that such ambiguity is currently being `resolved' by a greater governmental resort to neo-conservative punitive and correctional interventions and a neo-liberal responsibilizing mentality in which the protection historically afforded to children is rapidly dissolving. This resurgent authoritarianism appears all the more anachronistic when it is set against the widely held commitment to act within the guidelines established by various children's rights conventions. Of note is the United Nations Convention on the Rights of the Child, frequently described as the most ratified human rights convention in the world, but lamentably also the most violated. Based on international research on juvenile custody rates and children's rights compliance in the USA and Western Europe, this article examines why and to what extent `American exceptionalism' might be permeating European nation states.

Automated support for versioning compliance checking between workflow management and product lifecycle management (in Chinese)

With the development of enterprise informatisation, Product Lifecycle Management (PLM) systems have been widely deployed and applied in enterprises. This paper analyzes the requirement that conducting version operations on business objects as specified in process models should be compliant with the versioning policies imposed by product lifecycles. This leads to the introduction of the concept of versioning compliance, and the approach of compliance checking that we proposed in our earlier work, which comprises both syntactical compatibility and behavioural compatibility checking. The paper then focuses on the tool implementation for providing automated support to the versioning compliance checking. An empirical evaluation of the tool was also performed with industrial partners using the well-known questionnaire-based method. The evaluation and feedback from practitioners further evidence the practical significance of this research question in the PLM field and demonstrate that the proposed solution with its automated tool support possesses a high application potential.