Exploring perceived threats of CAIS in developing countries: the case of Saudi Arabia

Purpose - The objective of this paper is to investigate the perceived threats of computerized accounting information systems (CAIS) in Saudi organizations. Design/methodology/approach - An empirical survey using a self-administered questionnaire has been carried out to achieve this objective. Four hundred questionnaires have been randomly distributed to different types of Saudi organizations and covered seven Saudi cities. Two hundred and eight questionnaires had been collected. After excluding the incomplete and invalid responses, the study ended with 136 valid and usable questionnaires, representing a 34 percent response rate. This response rate is acceptable in this kind of empirical surveys. The collected data has been analyzed using the statistical package for social sciences (SPSS) version 12. Findings - The survey results reveal that almost half of the responded Saudi organizations are suffering financial losses due to internal and external CAIS security breaches. The results also reveal that accidental and intentional entry of bad data; accidental destruction of data by employees; employees' sharing of passwords; introduction of computer viruses to CAIS; suppression and destruction of output; unauthorized document visibility; and directing prints and distributed information to people who are not entitled to receive are the most significant perceived security threats to CAIS in Saudi organizations. Originality/value - Accordingly, it is recommended to strengthen the security controls over the above weaken security areas and to enhance the awareness of CAIS security issues among Saudi organizations to manage the security risks and to achieve better protection to their CAIS. The results of the study enable managers and practitioners to champion information technology developments for success of their businesses.