DOI: 10.24818/jamis.2025.04006
Vol. 24, No. 4, pp. 673-691, 2025
© 2025. This work is openly licensed via CC BY 4.0.
Author(s): Dimitrios Mitskinis1,a, Nikolaos Antonakisb, George Drogalasb and Maria Koumoundourouc
a University of West Macedonia, Greece
b University of Macedonia, Greece
c Hellenic Open University, Greece
1 Corresponding author: Dimitrios Mitskinis, Department of Economics, University of West Macedonia, Fourka area, Kastoria, GR 52100, Greece, email: mitskd@gmail.com
Keywords: internal audit, information systems, information protection, information
security directorate, Structural Equation Modeling (SEM)
JEL codes: M42
Abstract
Research Question: How is the impact of the relationship between internal control and
information systems on information protection outcomes moderated by the characteristics of the internal auditor, the characteristics of quality information systems audits and the
relationship between internal audit and information security management?
Motivation: We draw on the lack of prior research on how a strong relationship between internal control and information systems affects information security outcomes, drawing on data from staff of Greek banks.
Idea: This paper examines the impact of a strong relationship between internal audit and information systems on information protection outcomes in Greek Banks.
Data: We analyse a sample of 114 respondents, personnel within banking institutions in Greece.
Tools: We survey personnel within banking institutions in Greece, who answered a questionnaire with closed-ended questions. The data was analyzed using the Structural Equation Modeling (SEM) approach.
Findings: Findings indicate that the quality control characteristics of information systems, along with the collaboration between internal audit and information security management, significantly and positively influence the relationship between internal audit and information systems in enhancing information protection outcomes.
Contribution: This study adds the case of Greek banks to the existing literature on the contribution of a good relationship between internal audit and information systems to information protection outcomes. The originality of this research lies in two main aspects: first, the absence of previous studies focusing on Greek banking institutions with a similar scope; and second, the methodological approach employed for data analysis.
Full paper at: http://online-cig.ase.ro/jcig/art/6 Mitskinis.pdf
