Evaluating the Security Controls of CAIS in Developing Countries: The Case of Saudi Arabia

This paper examines the existence and adequacy of implemented ComputerizedAccounting Information Systems (CAIS) security controls to prevent, detect and correct securitybreaches in Saudi organizations. An empirical survey, using a self-administered questionnaire,was carried out to achieve this purpose. Five hundred questionnaires were distributed on a randomsample of Saudi organizations. Two hundred and seventy five valid, usable questionnaires werecollected and analyzed. The results of the study highlight a number of inadequately implementedCAIS security controls, and some suggestions and recommendations are introduced to strengthenthe weak points and to close the loopholes in the present CAIS security controls in Saudiorganizations. From a practical standpoint, managers, auditors, IT users and practitioners alikestand to gain from the findings of this study. The results could enable them to better understandand secure their CAIS and to champion IT development for the success of their businesses.