Showing papers on "Audit published in 2022"

Planning experiments: Updated guidance on experimental design and analysis and their reporting III

Abstract: Scientists who plan to publish in British Journal of Pharmacology (BJP) must read this article before undertaking a study. This editorial provides guidance for the design of experiments. We have published previously two guidance documents on experimental design and analysis (Curtis et al., 2015; Curtis et al., 2018). This update clarifies and simplifies the requirements on design and analysis for BJP manuscripts. This editorial also details updated requirements following an audit and discussion on best practice by the BJP editorial board. Explanations for the requirements are provided in the previous articles. Here, we address new issues that have arisen in the course of handling manuscripts and emphasise three aspects of design that continue to present the greatest challenge to authors: randomisation, blinded analysis and balance of group sizes.

Threats, attacks and defenses to federated learning: issues, taxonomy and perspectives

Abstract: Abstract Empirical attacks on Federated Learning (FL) systems indicate that FL is fraught with numerous attack surfaces throughout the FL execution. These attacks can not only cause models to fail in specific tasks, but also infer private information. While previous surveys have identified the risks, listed the attack methods available in the literature or provided a basic taxonomy to classify them, they mainly focused on the risks in the training phase of FL. In this work, we survey the threats, attacks and defenses to FL throughout the whole process of FL in three phases, including Data and Behavior Auditing Phase , Training Phase and Predicting Phase . We further provide a comprehensive analysis of these threats, attacks and defenses, and summarize their issues and taxonomy. Our work considers security and privacy of FL based on the viewpoint of the execution process of FL. We highlight that establishing a trusted FL requires adequate measures to mitigate security and privacy threats at each phase. Finally, we discuss the limitations of current attacks and defense approaches and provide an outlook on promising future research directions in FL.

Strategies for the implementation of clinical practice guidelines in public health: an overview of systematic reviews

Abstract: As a source of readily available evidence, rigorously synthesized and interpreted by expert clinicians and methodologists, clinical guidelines are part of an evidence-based practice toolkit, which, transformed into practice recommendations, have the potential to improve both the process of care and patient outcomes. In Brazil, the process of development and updating of the clinical guidelines for the Brazilian Unified Health System (Sistema Único de Saúde, SUS) is already well systematized by the Ministry of Health. However, the implementation process of those guidelines has not yet been discussed and well structured. Therefore, the first step of this project and the primary objective of this study was to summarize the evidence on the effectiveness of strategies used to promote clinical practice guideline implementation and dissemination.This overview used systematic review methodology to locate and evaluate published systematic reviews regarding strategies for clinical practice guideline implementation and adhered to the PRISMA guidelines for systematic review (PRISMA).This overview identified 36 systematic reviews regarding 30 strategies targeting healthcare organizations, healthcare providers and patients to promote guideline implementation. The most reported interventions were educational materials, educational meetings, reminders, academic detailing and audit and feedback. Care pathways-single intervention, educational meeting-single intervention, organizational culture, and audit and feedback-both strategies implemented in combination with others-were strategies categorized as generally effective from the systematic reviews. In the meta-analyses, when used alone, organizational culture, educational intervention and reminders proved to be effective in promoting physicians' adherence to the guidelines. When used in conjunction with other strategies, organizational culture also proved to be effective. For patient-related outcomes, education intervention showed effective results for disease target results at a short and long term.This overview provides a broad summary of the best evidence on guideline implementation. Even if the included literature highlights the various limitations related to the lack of standardization, the methodological quality of the studies, and especially the lack of conclusion about the superiority of one strategy over another, the summary of the results provided by this study provides information on strategies that have been most widely studied in the last few years and their effectiveness in the context in which they were applied. Therefore, this panorama can support strategy decision-making adequate for SUS and other health systems, seeking to positively impact on the appropriate use of guidelines, healthcare outcomes and the sustainability of the SUS.

Examining the critical factors of computer-assisted audit tools and techniques adoption in the post-COVID-19 period: internal auditors perspective

Abstract: Purpose In light of the repercussions of the COVID-19 pandemic, electronic auditing otherwise known as computer-assisted audit tools and techniques (CAATTs) has become inevitable to automate the auditing process worldwide. Accordingly, the purpose of this study is to examine the influence of technological, organizational and environmental (TOE) factors on public sector adoption of CAATTs in developing countries such as Jordan under the COVID-19 pandemic conditions. Design/methodology/approach This study used 136 usable responses from the managers of internal audit (IA) of the Jordanian public sector entities. The data collected were analyzed using partial least squares-structural equation modeling. The TOE framework has been used in this study to consider a wide set of TOE factors. Then, this study suggests a CAATTs adoption model that incorporates the related technology factors of the diffusion of innovation theory to environmental and organizational factors. Further, this study contributes to the TOE framework by addressing government regulations, audit bodies’ support and audit task complexity as environmental factors affecting CAATTs adoption in the context of the public sector. Findings The results revealed that for technological factors, only the compatibility affects CAATTs adoption by the IA departments. For organizational factors, organizational readiness, top management support, auditors’ information technology competency and entity size were found to be significant factors. From the environmental factors, both government regulation and audit task complexity influence the CAATTs adoption. Besides, entity size moderates the influence of top management support on the CAATTs adoption in the public sector. Practical implications The findings could highlight the significance of the CAATTs adoption in the public sector institutions (by internal auditors) post-COVID-19, taking into consideration the TOE framework’s factors. Also, the findings are significant for the decision-makers and regulators in declaring new legislation for the electronic IA profession in the Jordanian public sector. Social implications It turns out that the CAATTs adoption in the public sector can definitely enhance their ability to achieve the role of IA in preserving public funds and restricting corrupt practices within the public sector. Originality/value To the best of the authors’ knowledge, this study is one of the first studies that address the professional audit agency support and audit task complexity as environmental factors, as well as the entity size as an organizational factor, that affect CAATTs adoption in the IA department of the public sector.

The Road to Explainability is Paved with Bias: Measuring the Fairness of Explanations

Abstract: Machine learning models in safety-critical settings like healthcare are often “blackboxes”: they contain a large number of parameters which are not transparent to users. Post-hoc explainability methods where a simple, human-interpretable model imitates the behavior of these blackbox models are often proposed to help users trust model predictions. In this work, we audit the quality of such explanations for different protected subgroups using real data from four settings in finance, healthcare, college admissions, and the US justice system. Across two different blackbox model architectures and four popular explainability methods, we find that the approximation quality of explanation models, also known as the fidelity, differs significantly between subgroups. We also demonstrate that pairing explainability methods with recent advances in robust machine learning can improve explanation fairness in some settings. However, we highlight the importance of communicating details of non-zero fidelity gaps to users, since a single solution might not exist across all settings. Finally, we discuss the implications of unfair explanation models as a challenging and understudied problem facing the machine learning community.

Auditing the AI auditors: A framework for evaluating fairness and bias in high stakes AI predictive models.

Abstract: Researchers, governments, ethics watchdogs, and the public are increasingly voicing concerns about unfairness and bias in artificial intelligence (AI)-based decision tools. Psychology's more-than-a-century of research on the measurement of psychological traits and the prediction of human behavior can benefit such conversations, yet psychological researchers often find themselves excluded due to mismatches in terminology, values, and goals across disciplines. In the present paper, we begin to build a shared interdisciplinary understanding of AI fairness and bias by first presenting three major lenses, which vary in focus and prototypicality by discipline, from which to consider relevant issues: (a) individual attitudes, (b) legality, ethicality, and morality, and (c) embedded meanings within technical domains. Using these lenses, we next present psychological audits as a standardized approach for evaluating the fairness and bias of AI systems that make predictions about humans across disciplinary perspectives. We present 12 crucial components to audits across three categories: (a) components related to AI models in terms of their source data, design, development, features, processes, and outputs, (b) components related to how information about models and their applications are presented, discussed, and understood from the perspectives of those employing the algorithm, those affected by decisions made using its predictions, and third-party observers, and (c) meta-components that must be considered across all other auditing components, including cultural context, respect for persons, and the integrity of individual research designs used to support all model developer claims. (PsycInfo Database Record (c) 2022 APA, all rights reserved).

A Blockchain-Based Multi-Cloud Storage Data Auditing Scheme to Locate Faults

Abstract: Network storage services have benefited countless users worldwide due to the notable features of convenience, economy and high availability. Since a single service provider is not always reliable enough, more complex multi-cloud storage systems are developed for mitigating the data corruption risk. While a data auditing scheme is still needed in multi-cloud storage to help users confirm the integrity of their outsourced data. Unfortunately, most of the corresponding schemes rely on trusted institutions such as the centralized third-party auditor (TPA) and the cloud service organizer, and it is difficult to identify malicious service providers after service disputes. Therefore, we present a blockchain-based multi-cloud storage data auditing scheme to protect data integrity and accurately arbitrate service disputes. We not only introduce the blockchain to record the interactions among users, service providers, and organizers in data auditing process as evidence, but also employ the smart contract to detect service dispute, so as to enforce the untrusted organizer to honestly identify malicious service providers. We also use the blockchain network and homomorphic verifiable tags to achieve the low-cost batch verification without TPA. Theoretical analyses and experiments reveal that the scheme is effective in multi-cloud environments and the cost is acceptable.

Who Audits the Auditors? Recommendations from a field scan of the algorithmic auditing ecosystem

Abstract: Algorithmic audits (or ‘AI audits’) are an increasingly popular mechanism for algorithmic accountability; however, they remain poorly defined. Without a clear understanding of audit practices, let alone widely used standards or regulatory guidance, claims that an AI product or system has been audited, whether by first-, second-, or third-party auditors, are difficult to verify and may potentially exacerbate, rather than mitigate, bias and harm. To address this knowledge gap, we provide the first comprehensive field scan of the AI audit ecosystem. We share a catalog of individuals (N=438) and organizations (N=189) who engage in algorithmic audits or whose work is directly relevant to algorithmic audits; conduct an anonymous survey of the group (N=152); and interview industry leaders (N=10). We identify emerging best practices as well as methods and tools that are becoming commonplace, and enumerate common barriers to leveraging algorithmic audits as effective accountability mechanisms. We outline policy recommendations to improve the quality and impact of these audits, and highlight proposals with wide support from algorithmic auditors as well as areas of debate. Our recommendations have implications for lawmakers, regulators, internal company policymakers, and standards-setting bodies, as well as for auditors. They are: 1) require the owners and operators of AI systems to engage in independent algorithmic audits against clearly defined standards; 2) notify individuals when they are subject to algorithmic decision-making systems; 3) mandate disclosure of key components of audit findings for peer review; 4) consider real-world harm in the audit process, including through standardized harm incident reporting and response mechanisms; 5) directly involve the stakeholders most likely to be harmed by AI systems in the algorithmic audit process; and 6) formalize evaluation and, potentially, accreditation of algorithmic auditors.

Understanding the Intention to Adopt Cloud-based Accounting Information System in Jordanian SMEs

Abstract: The Information Technology (IT) revolution that led to the development of cloud computing services and systems has brought numerous benefits to end users handling business through the Internet, particularly in the field of accounting information systems (AIS). Cloud-based accounting information systems (CB-AIS) enable firms to substantially reduce their investment in IT and have flexible access to an enormous group of current and scalable resources. CB-AIS enables small- and medium-sized enterprises (SMEs) to undertake basic bookkeeping responsibilities themselves instead of paying external auditors for the same services. In Jordan, however, current businesses are still in the infancy stage when it comes to CB-AIS adoption. Therefore, this study applied the Technology, Organization, and Environment model to examine CB-AIS adoption among SMEs in Jordan. Data collection was achieved using a structured survey questionnaire collected from 156 owners/managers of SMEs in Jordan through online means. The proposed research framework comprises six factors that influence intention to adopt CB-AIS (IACB-AIS). Based on the findings, the proposed hypotheses were supported in that the factors positively and significantly affect the IACB-AIS of SMEs in Jordan. Through examining an actual IACB-AIS case and highlighting the importance of its application, the study and its findings are expected to contribute to decision-makers and practitioners in the IT field.

NPP: A New Privacy-Aware Public Auditing Scheme for Cloud Data Sharing with Group Users

Abstract: Today, cloud storage becomes one of the critical services, because users can easily modify and share data with others in cloud. However, the integrity of shared cloud data is vulnerable to inevitable hardware faults, software failures or human errors. To ensure the integrity of the shared data, some schemes have been designed to allow public verifiers (i.e., third party auditors) to efficiently audit data integrity without retrieving the entire users’ data from cloud. Unfortunately, public auditing on the integrity of shared data may reveal data owners’ sensitive information to the third party auditor. In this paper, we propose a new privacy-aware public auditing mechanism for shared cloud data by constructing a homomorphic verifiable group signature. Unlike the existing solutions, our scheme requires at least t group managers to recover a trace key cooperatively, which eliminates the abuse of single-authority power and provides non-frameability. Moreover, our scheme ensures that group users can trace data changes through designated binary tree; and can recover the latest correct data block when the current data block is damaged. In addition, the formal security analysis and experimental results indicate that our scheme is provably secure and efficient.

Toward User-Driven Algorithm Auditing: Investigating users’ strategies for uncovering harmful algorithmic behavior

Abstract: Recent work in HCI suggests that users can be powerful in surfacing harmful algorithmic behaviors that formal auditing approaches fail to detect. However, it is not well understood how users are often able to be so effective, nor how we might support more effective user-driven auditing. To investigate, we conducted a series of think-aloud interviews, diary studies, and workshops, exploring how users find and make sense of harmful behaviors in algorithmic systems, both individually and collectively. Based on our findings, we present a process model capturing the dynamics of and influences on users’ search and sensemaking behaviors. We find that 1) users’ search strategies and interpretations are heavily guided by their personal experiences with and exposures to societal bias; and 2) collective sensemaking amongst multiple users is invaluable in user-driven algorithm audits. We offer directions for the design of future methods and tools that can better support user-driven auditing.

Do dynamic capabilities matter? A study on environmental performance and the circular economy in European certified organisations

Abstract: Organisations face barriers in the transition towards a circular economy. Environmental management systems have often been adopted to tackle environmental challenges, but, more recently, scholars have proposed dynamic capabilities as a strategy to foster circular economy initiatives. Considering the level of internalisation of the environmental management system, we investigated the contribution of dynamic capabilities to organisation performance and circular economy implementation. Using partial least squares structural equation modelling, we analysed more than 800 European organisations registered with the Eco-Management and Audit Scheme. Our results proved that dynamic capabilities contribute to the internalisation of the environmental management system, which consequently improves the overall organisation performance and circular economy adoption. In addition, while dynamic capabilities directly influence the circular economy and environmental performance of an organisation, EMAS internalisation is crucial for a better economic performance and environmental reputation. Lastly, we assessed the contribution of sensing, seizing and reconfiguring capabilities to the internalisation of the environmental management standard proving their crucial role in the integration of the standard's requirements. Our study highlights the scarce linkages between the Eco-Management and Audit Scheme and the circular economy by suggesting how organisations can identify and pursue circular economy opportunities through dynamic capabilities.

Methodology Review: A Protocol to Audit the Representation of Female Athletes in Sports Science and Sports Medicine Research.

Abstract: Female-specific research on sports science and sports medicine (SSSM) fails to mirror the increase in participation and popularity of women's sport. Females have historically been excluded from SSSM research, particularly because their physiological intricacy necessitates more complex study designs, longer research times, and additional costs. Consequently, most SSSM practices are based on research with men, despite potential problems in translation to females due to sexual dimorphism in biological and phenotypical parameters as well as differences in event characteristics (e.g., race distances/durations). Recognition that erroneous extrapolations may hamper the efforts of females to maximize their athletic potential has created an impetus to acknowledge and readdress the sex disparity in SSSM research. To direct the priorities for future research, it is prudent to first develop a comprehensive understanding of the gaps in current knowledge by systematically "auditing" the literature. By conducting audits of the literature to highlight underdeveloped topics or identify potential problems with the quality of research, this information can then be used to expediently direct new research activities. This paper therefore presents a standardized audit methodology to establish the representation of female athletes in subdisciplines of existing SSSM research, including a template for reporting the results of key metrics. This standardized audit process will enable comparisons over time and between research subdisciplines. This working guide provides an important step toward achieving sex equity across SSSM research, with the eventual goal of providing evidence-based recommendations specific to the female athlete.

The Impact of Digital Economy on the Efficiency of Green Financial Investment in China’s Provinces

Abstract: The global digital operation of finance has accelerated, and the transformation and upgrading of the financial industry has been fully empowered by digital technology, which has promoted the development of traditional financial industry toward green finance. Accelerating the pace of China’s entry into the digital economy era has given the green financial industry new opportunities in its digital transformation. Therefore, the research reported in this paper selects provincial panel data and discusses the impact efficiency of the digital economy on green financial investment in China by static panel OLS and the threshold model method, and constructs a threshold model with regional industry scale and green financial audit as threshold variables. These steps are used to analyze the nonlinear characteristics of digital economy and green financial efficiency. The results show that the digital economy can improve the overall efficiency of China’s green finance, and there are two threshold effects with regional industry scale as the threshold variable and one threshold effect with green financial audit support as the threshold variable. The results show that the development of a digital economy improved the investment efficiency of green finance in all provinces of China. In addition, through our research, we found that the application of the digital economy in green finance can reduce the imbalance of regional economic development. China should also strengthen the supervision of green auditing to promote the development of new green financial formats.

OUP accepted manuscript

Abstract: Abstract Background The implementation of diabetes prevention for women with previous gestational diabetes (GDM) has been stymied by many barriers that are located within routine general practice (GP). We aimed to unpack the GP factors and understand the mechanisms that explain why a diabetes prevention intervention for this population succeeds or fails. Methods We performed a mixed-methods study with a Normalization Process Theory framework that included clinical audits, semistructured interviews, and focus groups within mixed urban and rural primary care practices in Victoria, Australia. Staff of primary care practices and external support staff who provide services to women with previous GDM participated in a 12-month quality improvement collaborative intervention. We compared diabetes screening and prevention activity planning with the strategies and factors identified through a process evaluation of full-, moderate-, and low-active participating practices. Results The intervention doubled screening rates (26%–61%) and 1-in-10 women received a diabetes prevention planning consultation. Critical improvement factors were: mothers being seen as participants in the quality improvement work; staff collectively building care strategies; staff taking a long-term care of a community perspective rather than episodic service delivery; and feedback processes being provided and acted on across the practice. The observable factors from the external perspective were: leadership by identified practice staff, reminder systems in action and practice staff driving the process collectively. Conclusions Successful engagement in diabetes prevention for women with previous GDM requires proactive building of the critical improvement factors and audit feedback into routine GP.

Audit committee characteristics and tax avoidance: Evidence from an emerging economy

Abstract: Abstract This study aims to examine the impact of the characteristics of the audit committee on tax avoidance in Vietnam. The article uses data of non-financial firms listed on the Ho Chi Minh City and Ha Noi Stock Exchange over the period 2010–2019. By using the FEM and SGMM estimation for panel data, the empirical results show how the characteristics of the audit committee affect tax avoidance differently. Specifically, we find that the size of the audit committee has a positive correlation to tax avoidance, while the proportion of female members, financial and accounting experts of the audit committee can constrain tax avoidance behaviors. Our finding provides some important implications for listed firms to enhance the role of the audit committee in constraining tax avoidance behavior.

SHADEWATCHER: Recommendation-guided Cyber Threat Analysis using System Audit Records

Abstract: System auditing provides a low-level view into cyber threats by monitoring system entity interactions. In response to advanced cyber-attacks, one prevalent solution is to apply data provenance analysis on audit records to search for anomalies (anomalous behaviors) or specifications of known attacks. However, existing approaches suffer from several limitations: 1) generating high volumes of false alarms, 2) relying on expert knowledge, or 3) producing coarse-grained detection signals. In this paper, we recognize the structural similarity between threat detection in cybersecurity and recommendation in information retrieval. By mapping security concepts of system entity interactions to recommendation concepts of user-item interactions, we identify cyber threats by predicting the preferences of a system entity on its interactive entities. Furthermore, inspired by the recent advances in modeling high-order connectivity via item side information in the recommendation, we transfer the insight to cyber threat analysis and customize an automated detection system, SHADEWATCHER. It fulfills the potential of high-order information in audit records via graph neural networks to improve detection effectiveness. Besides, we equip SHADEWATCHER with dynamic updates towards better generalization to false alarms. In our evaluation against both real-life and simulated cyber-attack scenarios, SHADEWATCHER shows its advantage in identifying threats with high precision and recall rates. Moreover, SHADEWATCHER is capable of pinpointing threats from nearly a million system entity interactions within seconds.

Fraud detection in publicly traded U.S firms using Beetle Antennae Search: A machine learning approach

Abstract: In this paper, we present a fraud detection framework for publicly traded firms using an optimization approach integrated with a meta-heuristic algorithm known as Beetle Antennae Search (BAS). Existing techniques include human resources, like financial experts and audit teams, to determine the ambiguities or financial frauds in the companies based on financial and non-financial ratios. It is a laborious task, time-consuming, and prone to errors. We designed an optimization problem to minimize the loss function based on a non-linear decision function combined with the maximization of recall (Sensitivity and Specificity). We solved the optimization problem iteratively using the BAS. It is a nature-inspired algorithm and mimics the beetle’s food-searching nature. It includes a single searching particle to find an optimal solution to the optimization problem in n -dimensional space. We used a benchmark dataset collected from SEC’s Accounting and Auditing Enforcement Releases (AAERs) for the simulation. It includes 28 raw financial variables and the data collected between 1991–2008. For the comparison, we evaluated the performance of BAS with the recently proposed approach using RUSBoost. We also compared it with some additional algorithms, i.e., Logit and SVM-FK. The results showed that BAS is comparable with these algorithms and outperformed them in time consumption. • Fraud detection in US-Public firms using BAS algorithm. • BAS is computationally and time-wise efficient. • Unbalanced Public firms’ dataset is tackled with SMOTE and BAS. • Achieved state-of-the-art accuracy in comparison with other algorithms. • Time efficiency of BAS outperformed other algorithms.

How accessible is my visualization? Evaluating visualization accessibility with Chartability

Abstract: Novices and experts have struggled to evaluate the accessibility of data visualizations because there are no common shared guidelines across environments, platforms, and contexts in which data visualizations are authored. Between non‐specific standards bodies like WCAG, emerging research, and guidelines from specific communities of practice, it is hard to organize knowledge on how to evaluate accessible data visualizations. We present Chartability, a set of heuristics synthesized from these various sources which enables designers, developers, researchers, and auditors to evaluate data‐driven visualizations and interfaces for visual, motor, vestibular, neurological, and cognitive accessibility. In this paper, we outline our process of making a set of heuristics and accessibility principles for Chartability and highlight key features in the auditing process. Working with participants on real projects, we found that data practitioners with a novice level of accessibility skills were more confident and found auditing to be easier after using Chartability. Expert accessibility practitioners were eager to integrate Chartability into their own work. Reflecting on Chartability's development and the preliminary user evaluation, we discuss tradeoffs of open projects, working with high‐risk evaluations like auditing projects in the wild, and challenge future research projects at the intersection of visualization and accessibility to consider the broad intersections of disabilities.

The effect of corporate governance quality and its mechanisms on firm philanthropic donations: evidence from the UK

Abstract: Purpose This paper aims to investigate whether and how better corporate governance practices can lead to philanthropic behavior among companies in the UK. In particular, this study attempts to determine whether corporate governance quality in general, as well as its specific mechanisms, affects corporate giving. Design/methodology/approach The analysis is based on a sample of Financial Times Stock Exchange All-Share nonfinancial companies. Data on firm donations, including donations amount and donations intensity, were manually collected from companies’ annual reports for the period 2018–2020. This paper uses panel data models to examine the research hypotheses. Findings The results of this study indicate that both donations amount and donations intensity are positively associated with the practice of better corporate governance. Board independence is positively associated with donations amount, but not with the intensity of donations. Furthermore, board size, board gender diversity and the establishment of a corporate social responsibility (CSR) committee are likely to have a positive impact on the amount and the intensity of firms’ donations. However, neither the chief executive officer board membership nor the audit committee’s independence is related to the firm’s donations. Practical implications This study sheds light on specific governance factors that affect firm donations in the context of UK companies. This allows regulators and legislators to evaluate the donations activities in the country and issue more directives to reinforce corporate governance practices that support corporate donations. In addition, the findings of this study are considered crucial to investors who prefer investing in companies with significant CSR-related activities to improve the value relevance of their investments. Originality/value This study provides a shred of unique evidence on the impact of corporate governance practices on firms’ donations.