The Impact of Information Technology Audit on AuditQuality: ‎An Empirical Study of Auditors in The Capital Market ‎of Thailand

  • Authors

    • Metinee Messuwan Ph.D. Candidate, Mahasarakham Business School, Mahasarakham University, Mahasarakham Province 44150
    • Nuttavong Poonpool Ph.D., Associate Professor, Mahasarakham Business School, Mahasarakham University, Mahasarakham Province 44150‎
    • Salakjit Ninlaphay Ph.D., Associate Professor, Mahasarakham Business School, Mahasarakham University, Mahasarakham Province 44150
    https://doi.org/10.14419/5cfj0716

    Received date: September 8, 2025

    Accepted date: October 14, 2025

    Published date: October 24, 2025

  • Information Technology Audit; Data Security; Reducing Audit Risk; Audit Quality

  • Abstract

    This study investigates the impact of information technology audit on the audit quality of auditors in Thailand’s capital market, with a partic‎ular focus on how information technology audit practices influence key dimensions of audit quality, including reducing audit risk and data ‎security. A quantitative research approach was employed, using structured questionnaires distributed by mail to 365 licensed auditors in the ‎capital market, from which 93 valid responses were collected and analyzed. The findings reveal that information technology audit signifi‎cantly enhances audit quality by enhancing data security, strengthening system security, and increasing operational efficiency. These results ‎confirm the essential role of information technology audit in reducing audit risk and maintaining standards of auditing practice. Overall, the ‎study emphasizes the strategic importance of information technology audit as a proactive mechanism for safeguarding information and en‎suring the reliability of audit processes. It also highlights the ongoing need to strengthen information technology governance frameworks ‎and develop auditors’ competencies to effectively respond to emerging digital challenges. The insights derived from this research provide ‎valuable guidance for regulators, auditors, and stakeholders seeking to improve audit effectiveness in Thailand’s capital market‎.

  • References

    1. Agoes, S., & Hoesada, J. (2012). Bunga Rampai Auditing. Jakarta: Salemba Empat .
    2. Albrecht, W. S., Albrecht, C., & Albrecht, C. (2015). Fraud Examination. Cengage Learning.
    3. Al-Omush, A., Almasarwah, A., & Al-Wreikat, A. (2025). Artificial intelligence in financial auditing: redefining accuracy and transparency in as-surance services. EDPACS, 1–20. https://doi.org/10.1080/07366981.2025.2459490.
    4. AlShaer, H. (2020). Elevating Professional Reasoning in Auditing: Psycho-Professional Perspective. Journal of Accounting and Auditing: Research & Practice, 2020, 1–10. https://doi.org/10.5171/2020.804680.
    5. Andoko, M. P., Natalia, C., & Lindrianasari, L. (2025). Blockchain adoption in financial auditing: A global perspective on the top public companies worldwide. Edelweiss Applied Science and Technology, 9(8), 1827–1841. https://doi.org/10.55214/2576-8484.v9i8.9711.
    6. Andrew, J.L and L. S. Clifton. (2003). An Investigation into the Application of Defence in Depth Theory to Electronic Information Protection. Journal of Information Warfare. 2(2),88-96.
    7. Arens, A. A., Elder, R. J., & Beasley, M. S. (2017). Auditing and Assurance Services, Global Edition (17th Edition). In Prentice Hall eBooks. S.
    8. Asare, S., K. Hackenbrack , and W. R. Knechel. (1994). Client acceptance and continuation decisions. In Auditing Symposium XII: Proceedings of the 1994 Deloitte and Touche/University of Kansas Symposium on Auditing Problems, edited by R. P. Srivastava, 163–178 Lawrence, KS: Univer-sity of Kansas.
    9. Bagranoff, N., Vendrzyk , V. (2000). The changing role of IS audit among the big five accounting firms. Information Systems Control Journal, 5 .33-7.
    10. Bazerman, M. H., Morgan, K. P., & Loewenstein, G. (1997). The Impossibility of Auditor Independence. MIT Sloan Management Review, 38(4), 89–94.
    11. Beridze, T. (2017). Information Technology Audit in Georgia. European Scientific Journal, 72. https://doi.org/10.19044/esj.2017.v13n25p72.
    12. Betti, N., & Sarens, G. (2020). Understanding the internal audit function in a digitalised business environment. Journal of Accounting & Organiza-tional Change, 17(2), 197–216. https://doi.org/10.1108/JAOC-11-2019-0114.
    13. Bhattacharjee, S., Maletta, M. J., & Moreno, K. K. (2017). SOX Compliance and IT Controls. Journal of Information Systems.
    14. Bob Duncan & Mark Whittington. (2014). Compliance with standards, assurance and audit: Does this equal security. Conference: Security of In-formation and Networks. https://doi.org/10.1145/2659651.2659711
    15. Bosworth, S., & Kabay, M. E. (Eds.). (2002). Computer security handbook (4th ed.). Wiley.
    16. Carroll, M, Van Der Merwe, A and Lubbe, S. 2009. An information systems auditor’s profile. Alternation: International Journal for the Study of Southern African Literature and Languages, Vol. 16(1), pp 318–355.
    17. Chen, L., Srinidhi, B., Tsang, A., & Yu, W. (2015). Audited Financial Reporting and Voluntary Disclosure of Corporate Social Re-sponsibility (CSR) Reports. Journal of Management Accounting Research, Forthcoming. https://doi.org/10.2139/ssrn.2666872.
    18. Chou, D. C. (2015). Cloud computing risk and audit issues. Computer Standards &Amp; Interfaces, 137–142. https://doi.org/10.1016/j.csi.2015.06.005.
    19. Devale , A.B., and Kulkarni ,R.V. (2012).“A review of expert system in Information System Audit”, International Journal of Computer Science and Information Technologies (IJCSIT), vol. 3, no. 5, pp.5172-5175.
    20. Federation of Accounting Professions. (2010). ISA 200: Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accord-ance with Auditing Standards. Federation of Accounting Professions.
    21. Federation of Accounting Professions. (2014). International Standard on Auditing (ISA) 315 . Federation of Accounting Professions.
    22. Fiedler, F. (1972). The Effects of Leadership Training and Experience: A Contingency Model Interpretation. Administrative Science Quarterly, 17, 453-470. https://doi.org/10.2307/2393826.
    23. Gantz, S. D. (2014). The Basics of IT Audit. Elsevier.
    24. Gaurav, B. (2020). 5 Cybersecurity Threats to Be Aware of in 2020. IEEE. https://www.computer.org/ publica-tions/tech-news/trends/5-cybersecurity-threats-to-be-aware-of-in-2020.
    25. Genzorova, T., Corejova, T., & Stalmasekova, N. (2019). How digital transformation can influence business model, Case study for transport indus-try. Transportation Research Procedia, 40, 1053–1058. https://doi.org/10.1016/j.trpro.2019.07.147.
    26. Gray, R., Kouhy, R., & Lavers, S. (1995). Corporate social and environmental reporting. Accounting, Auditing & Accountability Journal, 1(1), 72-90.
    27. Gupta, K. (2020). Contemporary Auditing. Tata Mcgraw Hill Education Private Limited.
    28. Hair, J. F., Black, W. C., Babin, B. J., & Anderson, R. E. (2010). Multivariate data analysis (7th ed.). Pearson College Division.
    29. Hall, J. A. (2011). Information Technology Auditing and assurance (3 ed.). South-Western Cengage Learning.
    30. Hall, J. A., & Singleton, T. (2018). IT Auditing and Application Controls for Financial Reporting and SOX Compliance.
    31. Hurtt, R. K. (2011). Development of a scale to measure professional skepticism. Auditing a Journal of Practice & Theory,29(1),149–171. https://doi.org/10.2308/aud.2010.29.1.149.
    32. Igou, A., Power, D. J., Brosnan, S., & Heavin, C. (2022). Digital futures for accountants. Journal of Emerging Technologies in Accounting, 20(1), 39–57. https://doi.org/10.2308/JETA-2020-088.
    33. Information Systems Audit and Control Association. (22 October 2020). ISACA Updates IT Audit Framework (ITAF). Information Systems Au-dit and Control Association.
    34. Ivanov, D., Dolgui, A., & Sokolov, B. (2018). The impact of digital technology and Industry 4.0 on the ripple effect and supply chain risk analytics. International Journal of Production Research, 57(3), 829–846. https://doi.org/10.1080/00207543.2018.1488086.
    35. James, G., Witten, D., Hastie, T. and Tibshirani, R. (2021) An Introduction to Statistical Learning: With Applications in R. 2nd Edition, Springer, Berlin. https://doi.org/10.1007/978-1-0716-1418-1.
    36. Judijanto, L., Nurdiani, T. W., Ningsih, T. W., & Ryketeng, M. (2023). The effect of regulatory compliance and digital audit adoption on auditor performance and financial reporting accuracy in Indonesia. The ES Accounting and Finance, 2(01), 77–86. https://doi.org/10.58812/esaf.v2i01.154.
    37. Juiz, C. &. (2015). To govern IT, or not to govern IT? Communications of the ACM, 58-64. https://doi.org/10.1145/2656385.
    38. Kafi, M. A., & Akter, N. (2023). Securing Financial Information in the Digital realm: Case studies in Cybersecurity for Accounting Data Protection. American Journal of Trade and Policy, 10(1), 15–26. https://doi.org/10.18034/ajtp.v10i1.659.
    39. Kinney, W. R., & Shepardson, M. L. (2011). Research opportunities in internal control quality and quality assurance. Auditing: A Journal of Prac-tice & Theory, 30(4), 1-24.
    40. Kinney, W. R., & Shepardson, R. (2011). The limits of compliance auditing: Implications for audit risk management. Journal of Accounting, Audit-ing & Finance, 26(3), 453–476.
    41. Klos, C., & Spieth, P. (2020). READY, STEADY, DIGITAL?! How foresight activities do (NOT) affect individual technological frames for man-agerial sensemaking. Technological Forecasting and Social Change, 163, 120428. https://doi.org/10.1016/j.techfore.2020.120428.
    42. KPMG. (2020). Creating dynamic controls amid continuing regulatory change. KPMG LLP.
    43. Liu, C., Muravskyi, V., & Wei, W. (2024). Evolution of blockchain accounting literature from the perspective of CiteSpace (2013–2023). Heliyon, 10(11), e32097. https://doi.org/10.1016/j.heliyon.2024.e32097.
    44. Majdalawieh, M., & Zaghloul, I. (2009). Paradigm shift in information systems auditing. Managerial Auditing Journal, 24(4), 352–367. https://doi.org/10.1108/02686900910948198.
    45. Markus, M. L., & Loebbecke, C. (2013). Commoditized digital processes and business community platforms: new opportunities and challenges for digital business strategies. MIS Quarterly, 37(2), 649–654.
    46. Merhout, J. W., & Havelka, D. (2008). Information Technology Auditing: A Value-Added IT Governance Partnership between IT Management and Audit. Communications of the Association for Information Systems, 23. https://doi.org/10.17705/1CAIS.02326.
    47. Messier, W. F., Glover, S. M., & Prawitt, D. F. (2016). Auditing and Assurance Services.
    48. National Cyber Security Agency. (2023). Standards and Guidelines for Promoting the Development of Cyber Security Service Sys-tems.
    49. Osmundsen, K., Iden, J., & Bygstad, B. (2018). Digital Transformation: drivers, success factors, and implications. MCIS, 37. https://aisel.aisnet.org/mcis2018/37/.
    50. Peecher, M. E., Schwartz, R., & Solomon, I. (2007). It’s all about audit quality: Perspectives on strategic-systems auditing. Accounting Organiza-tions and Society, 32(4–5), 463–485. https://doi.org/10.1016/j.aos.2006.09.001.
    51. Petter Lovaas, S. C. (2012). IT Audit Challenges for Small and Medium-Sized Financial Institutions. Annual Symposium on Information Assurance and Secure Knowledge Management, 16-22.
    52. Power, M. (1997). The Audit Society: Rituals of Verification. Oxford University Press.
    53. Riad, A. (2015). ISO/IEC 27001. linkedin.
    54. Riadh Manita a, N. E. (2020). The digital transformation of external audit and its impact on corporate governance. Technological Forecasting and Social Change. https://doi.org/10.1016/j.techfore.2019.119751.
    55. Riyadi, A., Khaddafi, M., F, F., F, F., & Ilham, R. N. (2021). Internal factor of systematic risk model with information technology as intervening variables to increasing quality of government financial reports in Indonesia: Actual case from Riau Island Province. Morfai journal, 1(1), 22–35. https://doi.org/10.54443/morfai.v1i1.13.
    56. Robson, K., Humphrey, C., Khalifa, R., & Jones, J. (2007). Transforming audit technologies: Business risk audit methodologies and the audit field. Accounting Organizations and Society, 32(4–5), 409–438. https://doi.org/10.1016/j.aos.2006.09.002.
    57. Rosati, P., Gogolin, F., & Lynn, T. (2020). Cyber-Security incidents and audit quality. European Accounting Review, 31(3), 701-728. https://doi.org/10.1080/09638180.2020.1856162.
    58. Rose, A. M., J. M. Rose, K. Sanderson, and J. C. Thibodeau. 2017. When should audit firms introduce analyses of big data into the audit process. Journal of Information Systems, 31 (3): 81-99. https://doi.org/10.2308/isys-51837.
    59. Saeed, S., Altamimi, S. A., Alkayyal, N. A., Alshehri, E., & Alabbad, D. A. (2023). Digital Transformation and Cybersecurity Challenges for busi-nesses Resilience: Issues and recommendations. Sensors, 23(15), 6666. https://doi.org/10.3390/s23156666.
    60. Sagarik, D., Chansukree, P., Cho, W., & Berman, E. (2018). E-government 4.0 in Thailand: The role of central agencies. Information Polity, 23(3), 343–353. https://doi.org/10.3233/IP-180006.
    61. Salihu, A., & Hoti, X. B. (2019). The effect of IT audit on security incidents. International Journal of Scientific and Technology Research, 8(8), 1342–1347. https://www.ijstr.org/paper-references.php?ref=IJSTR-0819-21358.
    62. Sawyer, L. B., Scheiner, J. H., & Graham, J. (2014). Sawyer’s Internal Auditing: Enhancing and Protecting Organizational Value. The Institute of Internal Auditors.
    63. Schneider, S., & Kokshagina, O. (2021). Digital transformation: What we have learned (thus far) and what is next. Creativity and Innovation Man-agement, 30(2), 384–411. ttps://doi.org/10.1111/caim.12414.
    64. Smith, C. L. (2003). Principles of information security: Defense-in-depth approaches. New York, NY: Security Press.
    65. Suchman, M. C. (1995). Managing Legitimacy: strategic and institutional approaches. Academy of Management Review, 20(3), 571–610. https://doi.org/10.5465/amr.1995.9508080331.
    66. Such-Pyrgiel, M. K., Gołębiowska, A., & Prokopowicz, D. (2022). The Impact of the COVID-19 Pandemic on the Growing Importance of Cyber-security of Data Transfer on the Internet. Polish Political Science Yearbook, (3 (51), pp.81-95. https://doi.org/10.15804/ppsy202224.
    67. Tinyase, K. O., Ocansey, E. O. N. D., & Asamoah, F. O. (2025). The moderating role of auditor experience in the relationship between audit pres-sure and audit quality. Archives of Business Research, 13(06), 90–108. https://doi.org/10.14738/abr.1306.18958.

  • Downloads

  • How to Cite

    Messuwan , M. ., Poonpool, N. . ., & Ninlaphay , S. . (2025). The Impact of Information Technology Audit on AuditQuality: ‎An Empirical Study of Auditors in The Capital Market ‎of Thailand. International Journal of Accounting and Economics Studies, 12(6), 868-877. https://doi.org/10.14419/5cfj0716