The Impact of the Application of IT Governance According to (COBIT 5) Framework in Reduce Cloud Computing Risks

Abstract

The study aimed at identifying the impact of the application of IT governance represented by (Planning and Organization, Possessiveness and Implementation, Support and Delivery, Monitoring and Evaluation, and Guidance and Control), using (COBIT 5) framework to reduce the risks associated with cloud computing (Identity and Access Management, Data protection, Virtual operating risk, IT support, and Organization) in the Jordanian industrial companies public shareholding from the perspective of Jordanian Certified Public Accountants. The study follows sequential procedures as a strategy for the mixed methods that have been applied. The researcher collects qualitative data that are quantitatively analyzed. A questionnaire was used to achieve the purpose of the study. The study population included all external accountants practicing auditing in Jordan, who number until the end of 2017 (384), a simple random sample was drawn, the sample included (192) auditors. The study concluded that all the decisions of the (COBIT5) Committee including Planning and Organization, Possessiveness and Implementation, Support and Delivery, Monitoring and Evaluation, and Guidance and Control affect the reduction of the risk of cloud computing in terms of identity and Access Management, Data protection, Virtual operating risk, IT support, and Organization the Jordanian industrial companies public shareholding from the perspective of Jordanian Certified Public Accountants. Based on the findings of the study, the researcher recommends that Jordanian industrial companies need to activate the role of security controls and increase the level of application against the environmental risks surrounding the company likely to occur as a result of the application of cloud computing. It is also necessary to update and develop information technologies, especially those related to technology.