=Paper=
{{Paper
|id=Vol-2383/paper7
|storemode=property
|title=Information Audit for Knowledge Discovery: A Systematic Literature Review
|pdfUrl=https://ceur-ws.org/Vol-2383/paper7.pdf
|volume=Vol-2383
|authors=Faiza Allah Bukhsh,Eva Nurlatifah
|dblpUrl=https://dblp.org/rec/conf/vmbo/BukhshN19
}}
==Information Audit for Knowledge Discovery: A Systematic Literature Review==
https://ceur-ws.org/Vol-2383/paper7.pdf
Information Audit for Knowledge Discovery: A
Systematic Literature Review
Faiza Allah Bukhsh1 and Eva Nurlatifah2
1
University of Twente, Department of Computer Science, The Netherlands 7500 AE
f.a.bukhsh@utwente.nl
2
University of Twente, Department of Computer Science, The Netherlands 7500 AE
eva.nurlatifah@gmail.com
Abstract. Information audit is a set of actions which examine whether
or not the information poses in a company support the organizational
mission, goals, and objectives. This process is also required as a funda-
mental step for compliance and information quality checking. Therefore,
in this digital age when companies have to deal with the complexity and
a huge amount of data, they deploye Information Audit to strengthen
their performance. Therefore, this systematic literature review research
focuses on finding the methodology, framework, and technique that exist.
In the end, this study will provide some recommendations.
Keywords: Information Audit, Knowledge Audit, Information Audit Method,
Information Audit Framework, Information Audit Technique.
1 Introduction
Nowadays, organizations and companies are paying more attention to the in-
formation they own and collected. Henczel [13] states that companies put the
information as one of the most critical strategic assets thus companies are fo-
cused to manage, control, and develop the information resource to information
users. In addition, the volume of information has multiplied in the manifold, and
the information exchange between organizations or departments has increased
which made the communication information-intensive [4]. Despite these trends,
companies are facing the challenge to optimize their treatment of the information
so that it could meet the organizational strategies and objectives. In order to
address this problem, information audit could be utilized by companies as a
stable method for enhancing the information quality.
Therefore, the purpose of this study is giving an insight on the implemen-
tation of Information Audit both in research and practice by identifying the
categorization among the methods, framework, and techniques of information
audit. This study can also be considered as the fundamental knowledge for doing
further research in information audit.
�2 Faiza Allah Bukhsh and Eva Nurlatifah
2 Research Method
This systematic literature review is conducted by adopting the process defined
by Kitchenham [15]. The databases we used in this systematic literature review
are Scopus, Science Direct, Springer, IEEE, ACM Digital Library. In the process
of finding the primary resources, we did not set the time limit for the year of
publishing since one of the aims of this study is addressing the information audit
methods and frameworks since the first time they introduced. Regarding research
string, we defined the query based on the topic of this study and proposed research
questions. As suggested by Kitchenham [15], the first step to formulate the search
query is to define the keywords. We decided to use the terms Ïnformation Audit",
"Methods","Frameworksänd "Techniquesäs the main keywords and combined them
with logic operators âĂIJANDâĂİ and âĂIJORâĂİ to be a research query. After
trying several query combinations, we finally chose the following search query to
retrieve the relevant articles:
("MethodologyÖR "FrameworkÖR "Technique") AND (Ïnformation Audit")
We could argue that this query is stable since we tested to change the position
of one of the keywords, Ïnformation Audit", upfront and the number of articles
showed for each database stays same. We also used the refine search or filter
search, particularly in Scopus to limit the number of articles based on the inclusion
criteria. A concrete inclusion criteria is as follows:
– A study in the form of a scientific peer-reviewed paper.
– A study which focuses on the information audit in their Information System
or Information Technology department.
– A study that presents or describes the method or framework or technique
they used in the implementation of Information Audit.
– A study which is written in English.
A concrete exclusion criteria is as follows:
– A study that is non-peer reviewed such as a workshop or technical report.
– A document which is a chapter from a book.
– A study that is not about Information System and Information Technology
perspective.
– The study is not reported in English.
We filtered the articles which are only written in English. We did not apply
the filter in the other databases since the feature to refine the query based on the
language is only available in Scopus. Therefore, we still got some articles which
are not written in English and refined them manually in the title and abstract
selection stage. The steps performed during the study are abstractly defined in
the Figure 2,
3 Discussion
After analyzing 50 selected the papers, we found the definition of method and
technique from Thomas [25] which asserts that method is a systematic way
� Title Suppressed Due to Excessive Length 3
Fig. 1. Systematic Literature Review Process
of doing something and technique as the way to collect the data. While the
framework is "broad overview, outline, or skeleton of interlinked items which
supports a particular approach to a specific objective and serves as a guide that
can be modified as required by adding or deleting items". Then we classified
those elements based on relevance with domains. One of the outcomes of this
study is a metric available on second authors research gate profile where substan-
tial information from each study was recorded. The metric helped the authors
to extract interesting facts and important trends that show during the study.
Therefore, this section will discuss some of our findings.
1. There is a limited study which focuses on developing methods
of Information Audit since 2001. Method found in this research is
scoreboard audit by Rus [20] and method of judging duplicate by Liu et al [17].
However, there is a big gap between the method of judging duplicate [17]
and the seven stages method by [12]. Our study could not find any method
developed between the period 2001 to 2012. In addition, even though the
finding shows in Figure 2, that articles published from 2008 to 2017 are
more than from 1993 to 2007, the focus of the studies from 2008 to 2017
are not merely on information but there was a shift from information audit
to knowledge audit as advocated by [16], [19], [5, 10, 11, 22, 23, 28].
2. Methods were not applied in practice. Another trend that found in
this research is that the studies which focus on developing the theory are
dominant which account for 58.3%. It can be concluded that the studies which
highlight the implementation or outcome of the information audit are needed
more attention from both the researcher and practitioner. This statement
also supported by a study from Frost and Choo [8] which states that there
are more observations to the development of theory than information audit
application. The fact that should also be highlighted is the methods such
as [3, 13, 18] were not applied in the most articles that focus on practice
as found in systematic literature review. Among 21 studies which focus on
practice, there are only three studies that evaluate methods [1, 9, 14].
3. No domain dependent information audit framework. Among the 50
studies in this research, there is only one framework which focuses on the
process of information audit, Integrated information audit framework for
electricity companies (ElCIA) [6]. However, it does not mean that the other
�4 Faiza Allah Bukhsh and Eva Nurlatifah
Fig. 2. The number of studies published in each year
five methods mentioned in the previous subsection are not focused on the
information, yet the remaining frameworks are an extension from the purpose
of information audit such as LSAM [27] and security audit in e-government [2]
that has specific purpose on checking the security of the system. While the
study by [26] employed COBIT which is a comprehensive framework for IT
audit.
4. There are no standardized techniques for Information Audit. Con-
sidering the list of techniques collected in this study which are more than
twenty techniques, it could be concluded that there are no standardized
techniques for information audit due to its varied purposes. Henczel [12] also
mentioned since the environments where the information audit conducted
are diverse, so there is no universally accepted model. Another fact is that
the techniques for information audit come from various background theory
such as strategic planning and math. For instance, SWOT [7] analysis which
is commonly used in strategic planning while the example of techniques that
come from mathematics is Bayes Algorithm [29] and Multi-Pattern Matching
Algorithm [24].
5. Several methods of Information Audit are utilized in Knowledge
Audit. Roberts [19] states that the outcome of the information audit which
is the explicit and tangible evidence of content that is realizable, observable
and transferable is the fundamental content for knowledge audit. So, it could
be assumed if there is a relation between an information audit and knowledge
audit. Furthermore, some of the methods of information audit also categorized
as knowledge audit methods such as [3, 12, 18, 21] and [16]. One of the biggest
� Title Suppressed Due to Excessive Length 5
open question came out from this study is that Ïs information audit and
knowledge audit, two names of same concept or they are different? "
4 Recommendations
There are three recommendations for advancing the study in information audit
which are derived from this literature review.
– Recommendation 1: The first suggestion is to focus on the implementation
thus could be a guideline for other practitioners. In addition, as suggested by
Frost & Choo [8], it is needed to apply more fundamental information audit
methodologies in full to case studies.
– Recommendation 2: Based on the findings, most of the domain of the studies
are business process monitor and knowledge audit [4], [16], [19], [11] as can
be seen from Figure 3. Meanwhile, the number of studies on security are
far below them. Thus there is gray area for researchers to explore more in
information audit process for information security domain.
– Recommendation 3: The study on testing and validating the current methods,
frameworks, and technique are lacking. Based on the finding in Figure 4, the
number of studies which tested either the methods or frameworks in a case
study is below than the study which focus on research. Therefore, the study
on testing and validating the methods or frameworks will be a useful reference
for practitioners when choosing the best method for their environment.
Fig. 3. The number of Dimension for Information Audit
�6 Faiza Allah Bukhsh and Eva Nurlatifah
Fig. 4. The percentage of studies based on the type of studies
5 Conclusion
This systematic literature review posted and answered research questions which
highlight the methods, frameworks, and techniques in information audit in order
to have a better insight on the current development in the information audit
research and application. From the 50 studies that we collected, it is noteworthy
that the development of information audit methods was started in the early
90’s and the characteristics of methods are various and go hand in hand with
the improvement of business environment. This study found four categorization
of information audit field(business process, compliance, monitor and security).
While the enormous number of information audit techniques that authors found
in this study address the diverse field that can support the process of information
audit. Furthermore, the shortage of frameworks of information audit also the fact
that should be underlined by researchers. They also need to pay more attention
to developing methods that can be accepted in the current business environment
and business objectives.
References
1. Ariffin, I., Latif, A.A., Faudzi, M.A., Shariff, S.S., Nadzir, M.M.: Information audit
in electricity utilities: Roles, methodologies, issues and challenges. In: Computer
and Information Sciences (ICCOINS), 2014 International Conference on. pp. 1–6.
IEEE (2014)
2. Bing, H., Bo, W.: Research of intranet security audit in e-government management
website group based on multi-agents. In: Advances in Computer Science and its
Applications, pp. 893–899. Springer (2014)
� Title Suppressed Due to Excessive Length 7
3. Buchanan, S., Gibb, F.: The information audit: an integrated strategic approach.
International journal of information management 18(1), 29–47 (1998)
4. Bukhsh, F.A., Weigand, H.: Smart auditing–innovating compliance checking in
customs control. In: Business Informatics (CBI), 2013 IEEE 15th Conference on.
pp. 131–138. IEEE (2013)
5. Daghfous, A., Khawaja, A.: Knowledge-enabled scm auditing (k-scm): a methodol-
ogy and a case illustration. In: Management of Innovation and Technology (ICMIT),
2010 IEEE International Conference on. pp. 964–969. IEEE (2010)
6. Drus, S.M., Shariff, S.S.M.: Elcia: Integrated information audit framework for
electricity companies. Universiti Tenaga Nasional (2008)
7. Evan-Wong, S., de Freitas, C.: Marketing an information service: a case study of
the oecs economic affairs secretariat documentation centre. Information services &
use 15(2), 117–130 (1995)
8. Frost, R.B., Choo, C.W.: Revisiting the information audit: A systematic literature
review and synthesis. International Journal of Information Management 37(1),
1380–1390 (2017)
9. Fu, X., Zhang, X.: A synthetical information audit of a chinese operator practical
study. In: Cooperation and Promotion of Information Resources in Science and
Technology, 2009. COINFO’09. Fourth International Conference on. pp. 9–15.
IEEE (2009)
10. Ganasan, A., et al.: Knowledge audit made comprehensive thru 6 stages. In: Research
and Innovation in Information Systems (ICRIIS), 2011 International Conference on.
pp. 1–6. IEEE (2011)
11. Gourova, E., Antonova, A., Todorova, Y.: Knowledge audit concepts, processes and
practice. WSEAS Transactions on Business and Economics 6(12), 605–619 (2009)
12. Henczel, S.: The information audit as a first step towards effective knowledge
management. Information Outlook 5(6), 48–66 (2001)
13. Henczel, S.: The information audit: A practical guide. Walter de Gruyter (2013)
14. Jones, A., Mutch, A., Valero-Silva, N.: Exploring information flows at nottingham
city homes. International Journal of Information Management 33(2), 291–299
(2013)
15. Kitchenham, B.A.: Systematic review in software engineering: where we are and
where we should be going. In: Proceedings of the 2nd international workshop on
Evidential assessment of software technologies. pp. 1–2. ACM (2012)
16. Levantakis, T., Helms, R., Spruit, M.: Developing a reference method for knowl-
edge auditing. In: International Conference on Practical Aspects of Knowledge
Management. pp. 147–159. Springer (2008)
17. Liu, S., Wei, J., Wang, S.: Efficiently identifying duplicated chinese company names
in large-scale registration database. In: International Conference on Advanced Data
Mining and Applications. pp. 625–634. Springer (2012)
18. Orna, E.: Practical information policies. Gower Publishing, Ltd. (1999)
19. Roberts, S.A.: Recording knowledge-related activities in practice: Methodological
bases and a method of knowledge auditing. In: Aslib Proceedings. vol. 60, pp.
583–599. Emerald Group Publishing Limited (2008)
20. Rus, I.: Technologies and methods for auditing databases. Procedia Economics and
Finance 26, 991–999 (2015)
21. Shahmoradi, L., Ahmadi, M., Sadoughi, F., Piri, Z., Gohari, M.R.: A comprehensive
model for executing knowledge management audits in organizations: a systematic
review. The health care manager 34(1), 28–40 (2015)
�8 Faiza Allah Bukhsh and Eva Nurlatifah
22. Shahmoradi, L., Karami, M., Farzaneh Nejad, A.: Auditing knowledge toward
leveraging organizational iq in healthcare organizations. Healthcare informatics
research 22(2), 110–119 (2016)
23. Sukiam, A.S., Rahman, A.A., Abidin, W.Z.: Knowledge audit on special chil-
dren communities. In: Pacific Rim Knowledge Acquisition Workshop. pp. 198–207.
Springer (2008)
24. Tang, J., Liang, D., Wang, N., Jia, Z.H.: Spectral correspondence using local
similarity analysis. In: Computational Intelligence and Security, 2007 International
Conference on. pp. 395–399. IEEE (2007)
25. Thomas, G.: How to do your research project: A guide for students. Sage (2017)
26. Tingliao, L.: The it audit research based on the information system success model
and cobit. In: Intelligent Systems and Control (ISCO), 2016 10th International
Conference on. pp. 1–3. IEEE (2016)
27. Wu, J., Qu, K.: Research and realization of secure audit mechanism based on lsm.
In: Management and Service Science, 2009. MASS’09. International Conference on.
pp. 1–5. IEEE (2009)
28. Xiao, J., Wang, J., et al.: Enterprise knowledge management audit based on pro-
cesses: Toward an integrated conceptual framework. In: Management of Innovation
and Technology (ICMIT), 2010 IEEE International Conference on. pp. 940–945.
IEEE (2010)
29. Yu, F., Shen, Y., Huang, H., Xu, C., Dai, X.p.: An information audit system based
on bayes algorithm. In: Asia-Pacific Web Conference. pp. 869–876. Springer (2006)
�