The Contribution of a Good Relationship Between Internal Audit and Information Systems to Information Protection Outcomes: The Case of Banks in Greece

Research Question- How is the impact of the relationship between internal control and information systems on information protection outcomes moderated by the characteristics of the internal auditor, the characteristics of quality information systems audits and the relationship between internal audit and information security management? Motivation- We draw on the lack of prior research on how a strong relationship between internal control and information systems affects information security outcomes, drawing on data from staff of Greek banks. Idea- This paper examines the impact of a strong relationship between internal audit and information systems on information protection outcomes in Greek Banks. Data- We analyse a sample of 114 respondents, personnel within banking institutions in Greece. Tools- We survey personnel within banking institutions in Greece, who answered a questionnaire with closed-ended questions. The data was analyzed using the Structural Equation Modeling (SEM) approach. Findings- Findings indicate that the quality control characteristics of information systems, along with the collaboration between internal audit and information security management, significantly and positively influence the relationship between internal audit and information systems in enhancing information protection outcomes. Contribution- This study adds the case of Greek banks to the existing literature on the contribution of a good relationship between internal audit and information systems to information protection outcomes. The originality of this research lies in two main aspects: first, the absence of previous studies focusing on Greek banking institutions with a similar scope; and second, the methodological approach employed for data analysis.