The impact of the implementations of the Sysrust ’ s framework upon the quality of financial reporting : structural equation modelling approach

The purpose of this research is to examine empirically, validate, and predict the reliability of the proposed relationship between the reliability of AIS process in the context of SysTrust' framework (principles and criteria) and the quality of financial reporting in shareholdings companies in Jordan. For this purpose, a primary data was used that was collected through a self-structured questionnaire from 239 of shareholdings companies. The extent of SysTrust's framework (principles and criteria) and the quality of financial reporting were also measured. The data were analyzed using structural equation modeling. The results showed that the magnitude and significance of the loading estimate and they indicated that all of the main five principles of SysTrust's framework are relevant in predicting the quality of financial reporting. Moreover, the reliability of AIS by the implementation of these five principles of SysTrust's framework were positively impacting the quality of financial reporting, as the structural coefficient for these paths are significant.


Introduction
According to Daneilia (2013), the quality of financial statements relies mainly on accounting information systems and internal controls that positively affect financial reporting.Potentiality of error in the reporting is related to the weaknesses of internal control, namely the supervision of accounting information system (Ricchiute, 2006).Further, the need of internal control is to produce reliable financial statements through supervising the relevant accounting system (Konrath, 2002).In terms of "quality", Toposh (2014) argues that maintaining characteristics of any accounting information system accounts on a well-designed internal control system which is applied to realize operational goals and performance.Romney and Steinbart (2009) pointed out that the AIS and good internal control structure can protect the system from problems such as fraud, error, equipment and software failures and problems due to political disaster.Another purpose of internal control, is to maintain the company's assets from theft, to make sure the information is reported accurately and implementation of laws and rules that apply (Warren et al., 1996: 233).So it can be concluded that the internal controls used by management aims to control every activity in the company so that the company's operations (organization) will be implemented as planned, including producing of reliable financial reports.
Studies that emphasize the necessity and importance of the internal control system in the accounting system are increasingly being acknowledged (Zulkanian, 2009).Al-Qudah and Ahmed (2011) suggested a significant impact on the company's internal control AIS in creating accuracy, updated, comprehensive and comparative data.One of the internal control objectives in the IT environment is to obtain financial statements of high reliability and to provide an adequate and appropriate evidence to attain the goals of the organization (Al-Laith, 2012).Recently, the assessment of the effect of the internal control of AIS on the quality of financial reporting has received great attention by academic and professional accountants (Grant et al., 2008;Canada et al., 2009).They had much concern about answering the question whether the reliability of internal control will lead to systematic improvements in the quality of financial reporting.However, studies (that have examined the SysTrust's framework as an internal control method for assuring reliability in the professional accounting literature) are primarily devoted to explain the background and purpose of this service and its potential demand (Pugliese & Halse, 2000;Al-dmour et al., 2018).Furthermore, several authors indicated that within organizations, attention must be given to the accounting standards and laws of each country because they affect accounting management (Davila et al., 2004;Romney & Steinbart, 2017).
As in many other developing countries, financial reporting practices in Jordan are more of a result of "different sources of accounting influence" (Goitom, 2003) and the various legal requirements.The financial reporting in Jordan is regulated through The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach the commercial laws.The Companies Law regulates all types of companies; the Banking Law regulates the banks, while the Insurance Law regulates the insurance companies.In the same context, the Securities Law regulates all companies' activities regarding listing and trading matters in the financial markets.According to the Companies Law No. 22 (1997), Jordanian companies are divided into General Partnership, Limited Partnership, Limited Liability Company, Limited Partnership in Shares, Public Shareholding Company.The securities of public shareholding companies can be listed and traded in Amman Stock Exchange and their minimum paid-in capital is 500,000 Jordanian Dinars (JD).According to the Companies Law No. 22 (1997), public shareholding companies are obligated to appoint an auditor.
Duties are assigned to the Jordanian auditor according to the Companies Law -the major responsibility being to audit companies' accounts in accordance with the recognized auditing rules, the auditing profession's principles and its scientific and technical standards.Moreover, an auditor is to review the financial and administrative by-laws of the company and its internal financial controls, to ensure their suitability for the company's business and the safeguarding of its assets.Accordingly, auditors in Jordan are responsible for assessment of companies' internal controls, in addition to undertaking the appropriate substantive tests.In accordance with Companies Law No. 22 (1997), all public shareholding companies are required to prepare and issue their annual audited financial statements -their balance sheets, income statements, and cash flows statements -within three months from the end of the company's fiscal year.Further, each public company is to prepare and issue its semi-annual financial statements, certified by the company auditors within 60 days from the end of the half-year period.
The present study has, therefore, come to bridge this gap by assessing the impact of the implementation of the SysTrust's framework (principles and criteria) as internal control for assuring the AIS on the quality of financial reporting through an integrated approach.The study aims to overcome the limitations of the previous studies, and to improve understanding of the importance of the reliability of the AIS process in the environmental context of Jordanian organizational culture as a developing country and to empirically examine, validate and predict the viability of the study's proposed conceptual mod.

The SysTrust's framework: definition and importance
According to the AICPA (2017), SysTrust's framework is an assurance service that independently tests and verifies a system's reliability.AICPA succinctly describes the overall purpose of SysTrust in the following way: "Developments in information technology provide far greater power to companies at far lower costs."As business dependence on information technology increases, tolerance decreases for systems that are not secure, and these systems become unavailable when needed and unable to produce accurate information on a consistent basis.An unreliable system can cause a chain of events that negatively affect a company and its customers, suppliers, and business partners (Hunton, 2002).
The objective of a SysTrust engagement is to enable the practitioner to issue an attestation/assurance report on whether the management maintains appropriate reliability controls over its system(s).Potential users of a SysTrust report include: the entity itself as well as its shareholders, creditors, customers, suppliers, third-party users, including those who outsource to other entities and any other party who in some fashion relies on an information system.The term was intended to include auditing as a subcategory, as indicated in the following quote, which refers to the Special Committee's conceptual framework for assurance services: "The framework's primary objective is to provide a consistent view of assurance services.It provides guidelines that will enhance consistency and quality in the performance of services.It can also help establishing a common public perception of the CPA's function and value (AICPA, 2013).The AICPA Assurance Services Executive Committee (ASEC) has developed a set of principles and criteria (trust services principles and criteria) to be used in evaluating controls relevant to the security, availability, and processing integrity of a system, and the confidentiality and privacy of the information processed by the system.In this document, a system is designed, implemented, and operated to achieve specific business objectives (for example, delivery of services, production of goods) in accordance with management specified requirements.To check the reliability of a system; a set of principles and criteria are used for this purpose.This criteria is classified into five categories that they are relevant to systems reliability and to the reliability of financial statements of an organization as follows (ACIPA, 2017): 1. Availability: Agreed and committed system and information thereof that are used for operations (legal obligation).2. Security: Protected systems against unauthorized access-physically and logically.3. Confidentiality: Confidential information that is protected as committed to or agreed.4. Processing Integrity: Processing data accurately, fully, in due timing and exclusively with proper authorization.Privacy: Gathering, usage, disclosure, maintenance of personal information and its protection from unauthorized disclosure in accordance with internal policies and external regulatory requirements.
The main benefits of the use of SysTrust service include improved confidence in the systems of both business partners' and one's own internal systems, avoiding problems of system development (McPhie, 2000) and reducing the cost of business interruption insurance (Pugliese & Halse, 2000).The literature also suggests that The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach SysTrust provides a good framework for auditing internal systems (Al-Dmour et al., 2018) and restructuring systems controls and procedures (Trabert & Mackler, 2001).While recognizing the potential benefits of trust services, Gray (2002) warns customers to investigate the relative value of the benefits against the associated cost before hiring a third party assurance provider.Accordingly, it is clear that system assurance has a positive impact on system users and their reliance and in turn on their decisions, especially when this assurance is provided on continuous basis, which is more suitable to the current changing environment.SysTrust developers also expect that the SysTrust report would be seen in the market as a sign of quality.
According to this viewpoint, Trabert and Mackler (2001) imply that SysTrust opinions will function as a marketing tool and add value for the client.In the most recent version of the trust services guidelines, electronic seals or reports can be used with SysTrust engagements.Users may recognize that displaying the electronic seals or reports will help in their marketing efforts through improving their skill to distinguish themselves from other entities.This contention is supported by the results of the study of Arnold et al. (2000), which indicate that good-quality dealers are willing to pay for reports that differentiate along quality lines.

Literature review
In their study of electronic data interchange (EDI), Khazanchi and Sutton (2001) give evidence of the requirement for systems assurance, illustrating that numerous companies enforcing these systems do not use them to full benefit.This shows that entities authorizing EDI for their clients or customers should require assurance of suitable functioning.Results of these studies recommend a demand for trust services.It follows that there should be a positive effect on the business of clients that meet approved trust services standards.Moreover, a study by Havelka et al. (1998) argues that expression of agreement on measurement criteria for assurance services among providers and users will enable more effective and efficient production of those services.SysTrust is one of the models to update Internal Control Systems (ICS) of AIS through frame working the technological variables which affect designing AIS.Due to such nature, many of the practical studies have been implemented using the principles and criteria of SysTrust to examine performance of AIS.The term ICS has been used by COSO (1992) to refer to the risks associated with ineffectiveness management of public companies, both large and small.Integrated framework of COSO has long served as a blueprint for establishing internal controls that promote efficiency, minimize risks, and help check the reliability of financial statements, and comply with laws and regulations.
According  Boritz (2005) conducts an extensive review of the literature to identify the key attributes of information integrity and related issues.He brought two focus groups of experienced practitioners to discuss the documented findings extracted from the literature review through a questionnaire that examining the core concepts of information integrity and it elements.Boritz (2005) considers information security as one of the core attributes to information integrity.This security should cover the following areas: Physical access controls and Logical access controls.The results indicated that the security has a lower impairment severity score than other severe practical aspects, such as availability and verifiability.Such findings of Boritz, pointed out the effective use of security controls in the organizations represented.In his study, Coe (2005) focuses on the fulfillment of Sarbanes-Oxley act 2002 that requires public companies to report about the effectiveness of their internal control systems Coe.The study explained also that the American companies are using COBIT for Sarbanes-Oxley act 2002 compliance, and this is because its objectives have been mapped to COSO in a publication entitled IT Control Objectives for Sarbanes-Oxley.COBIT also has been mapped to popular enterprise resource planning (ERP) systems, like SAP, Oracle and PeopleSoft.
This mapping and related guidance provides COBIT with framework references and methodologies for auditing and testing the major ERP systems.However, it is decided later to use SysTrust service to ensure the company's systems carry-out business processes reliably.Herein, Coe establishes five-step processes showing how the CPAs can use the trust service framework to evaluate a company's IT controls when the Entity primarily uses the COSO approach.These steps are: (i) Use COSO framework to identify the risks in each business cycle and the controls that mitigate them, (ii).Gather initial IT information, (iii) Identify all information systems that related to financial reporting.(iv) Use trust services framework to create one overall IT matrix, (v) Assess the controls identified in the matrixes created above.Martin (2005) mentioned the same steps in his study, in which he tried to explain how information system auditor can use the AICPA/CICA trust services framework to evaluate internal controls, particularly controls over information technology.The participants in the experiment were 481 middle and upper-level The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach managers from a wide range of functional areas.The study concludes that auditorprovided assurances on information systems availability of security, integrity and maintainability will show significant key effects with respect to the probability of the participant entering into a contractual agreement with the ASP organization.In addition, the comfort level of the participant with the reliability of the ASP organization's ERP system will increase.
Also, Meharia (2011) aims to study the effects of assurance services and the trust in the mobile payment system on how users' use the system.To demonstrate this matter, the study depends on the Technology Acceptance Model (TAM).The study finds that the users' intention to use their attitude towards the system, determines their real use.Their attitude towards the system is decided by the apparent usefulness of the system and the simplicity of use.However, the study added that the assurance on the security, availability, confidentiality, privacy, and process integrity of the system will have a positive influence on the users' attitude towards the system, in combination with the apparent usefulness and simplicity of use.Also, from a security perspective, Siponen and Oinas-Kukkonen ( 2007) reconciled prior security research literature and emphasized the distinct importance of accessibility and availability as it relates to communication issues, like user authentication and appropriate maintenance of data retention.Strong et al. (1997) also segregated and highlighted the importance of accessibility as a determinant of data quality.In particular, they emphasized the importance of access security and timely availability to data.Likewise, Nelson et al. (2005) argued that accessibility that represents a system attribute, is distinct but similar in importance to the system's ability to produce reliable data, although they argued that this impact of accessibility is come in the second ranking in terms of influence on the system's processing reliability.Consequently, it is apparent that system assurance has a positive influence on system users, their reliance and, therefore, on their decisions, particularly when this assurance is provided constantly, which is more suitable according to the present inconstant environment.In reviewing the literature, it can be seen that Certified Public Accountants (CPAs) can provide assurance on RTA Information Systems.
CPAs are accepted as independent parties that provide assurance concerning the accuracy and fairness of financial information.Also, CPAs are well-informed about the subject matter to be assured and the assurance matters, recognized for their independence, objectivity and reliability (Boritz & Hunton, 2002), and acquire advanced technical competencies (Burton et al., 2012).
Experimental work indicates that there would be demand for both WebTrust (Hunton et al., 2000;Lala et al., 2002) and SysTrust (Boritz & Hunton, 2002) in the marketplace.Yet, as Bedard et al. (2005) note, there are a lot of issues, questions and risks in SysTrust engagements, and most auditors are leery about delving into the ill-defined arena of systems reliability assurance.Only limited researches to date has looked at ways in which to improve and deliver systems reliability assurance.Havelka et al. (1998) conducted a series of focus groups with systems development teams in order to establish criteria for assessing the quality of the information.Arnold et al. (2000) explore the market demand for graded reporting of systems quality versus use of a traditional auditor's binary reporting model.These studies represent the first incremental steps in understanding systems reliability assurance.The domain is wide, open, and in great need of additional research.While SysTrust provides some broad criteria that must be considered in assessing systems reliability, little is known about how to go about assessing these criteria effectively.Given the major role that IT systems play, particularly in enterprise systems environments, the profession must rapidly advance its ability to assess systems quality and academic researchers need to step forward to help in answering difficult questions that till todate form barriers to widespread systems reliability assurance efforts.
Internal control weaknesses will lead to fragile accuracy and validity of financial data; and therefore; will weaken the quality of financial reporting.Weak financial data processed by the AIS will produce unreliable financial statements that cannot be relied on in making decisions by third parties, so that the later will use another reliable source for decision making (Costelo & Wittenberg, 2010).While Hall (2011) states internal control helped managers and accountants to prevent fraud and errors.
Fraud occurs because of a violation of the rules and regulations.The error occurs due to lack of supervision including errors in financial reporting.Internal controls significantly affect investment decisions.Grant, et al., (2008) have examined the impact of IT deficiencies on financial reporting and determined significant differences between the companies that report IT deficiencies and the companies that do not report IT deficiencies.Four accounting errors: revenue recognition issues; receivables, investments and cash issues; inventory, vendor and cost of sales issues; and financial statement, footnote, US GAAP, and segment disclosures issues stand out as common financial reporting problems in companies found with weak IT controls.The study revealed that companies with IT control deficiencies report and high internal control (IC) deficiencies, are smaller, pay higher audit fees, and are typically audited by smaller accounting firms.
After reviewing the previous studies, in this specific area of research, relating to reliability of AIS control systems and the quality of financial reporting, it can be observed that there are not enough studies available, and this could be due to the fact that this area of research is reasonably new.In addition, many of the studies in this subject are administered on a small level and connected with combined studies from the fields of business management and, computer science.They are often in the form of reports or descriptive studies, and rarely experimental.To summarize, there is a lack of academic literature on the issues of trust services and its influence on the quality of financial reporting.It should also be noted that some of the investigations are conducted in isolation, without benefit from the findings of other studies.
The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach

Conceptual framework
Theoretical background and empirical studies on the SysTrust's framework as an internal control for assuring the reliability of AIS as well as the relevant theoretical literature on the quality of financial reporting were reviewed and integrated to develop a conceptual framework to guide this study.According to the existing frameworks on IS and accounting management (Dehning & Richardson 2002;DeLone & McLean 2003;Gable et al., 2008), the quality of financial reporting is proposed to be influenced by the implementation of SysTrust's framework (principles and criteria) as an internal control of AIS process.Understanding the critical principles influencing financial quality reporting will assist organizations to improve the reliability of their financial data.Inadequate financial reporting quality will cause a lot of business operations to run inefficiently, and perform less in accordance with the demands and needs of the stakeholders.Supposedly, in order to anticipate these conditions, businesses must have reliable software and databases in generating quality information (Al- Dmour et al., 2018).However, the effect of the reliability of AIS upon the quality of financial reporting has been given little attention in previous studies.The model proposed here is used to investigate whether better reliability of AIS control process by the implementation of SysTrust's framework (i.e., availability, security, processing integrity, confidentiality and privacy) would enhance the quality of financial reporting and to isolate those principles and criteria that are highly associated with the quality of financial reporting.The expected relationships of the implementation of the SysTrust principles and the quality of financial reporting are depicted in (Figure 1).

Figure 1. The Study's Proposed Conceptual Framework
The major constructs of the study's model are presented below with brief discussion.Furthermore, the expected relationship among these constructs are clearly defined and discussed throughout the presentation of each construct.

Characteristics of Financial Reporting
3.1 The quality of financial reporting Kieso et al. (2016) defined the financial reporting as the process of presenting business financial statements in the form of financial report for both internal and external stakeholders of the company.Ramdany (2015) proposed the same concept by adding that it also includes initial recording and rating all business activities, especially financial transactions, then the reporting phase of these activities come up in order to present them to stakeholders.The primary objective of financial reporting is to provide high-quality financial reporting information concerning economic entities, primarily financial in nature, useful for economic decision making (FASB, 1999;IASB, 2008).Providing high quality financial reporting information is important because it will positively influence capital providers and other stakeholders in making investment, credit, and similar resource allocation decisions enhancing overall market efficiency (IASB, 2006;IASB, 2008).Many previous researches and literatures depended on using many measurement tools for examining financial reporting quality, ED (IASB, 2008), for example, stated that fundamental and qualitative characteristics such as relevance and faithful representation of information are one of the most important used tools, they depend on underling decision usefulness as a measuring tool for examining financial reporting quality.Other examples of these characteristics are comparability, verifiability, understandability, and timeliness, which also considered as critical tools for examining the content of financial reporting information, which in turn improves decision usefulness (IASB, 2010).
Many studies have been taken place in this field.Based on the above mentioned facts; the current study will depend on the seven point rating scales of qualitative characteristics mentioned on ED (IASB, 2008) to assess the quality of financial reporting except timeliness characteristic.To assure the internal validity of these items, the quality measures are built on prior empirical literature.Table (2) provides an overview of the 21 measured items used to operationalize the fundamental and to enhance the qualitative characteristics.The current study will depend on the following qualitative characteristics: relevance, faithful representation, understandability and comparability by totalize the scores on the related items and dividing it by the total number of items.These measures are employed in order to facilitate the comparison between the findings of using it and the findings of previous works in this field.Here are some brief explanations of these qualitative characteristics: 1. Relevance: IASB (2008) defines relevance as the capability of making a difference in decisions made by users on their capacity as capital providers.
Relevance is usually operationalized in terms of predictive and confirmatory value (Beest et al., 2009).
The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach 2. Faithful Representation: Faithful representation means that all information listed in financial report must be represented faithfully, IASB, ( 2006) stated that in order to accomplish this; all information and economic phenomena listed in annual reports must be complete, accurate, neutral, and free from bias and errors.

Understandability:
Understandability is referred to the process of classifying, characterizing, categorizing, then presenting the financial information clearly and concisely, for (IASB, 2008) understandability means assuring financial information transparency and clearness, this process needs referring to some financial measures.

Comparability:
Comparability means the ability the information has in explaining and identifying similarities in and differences between two common sets or transactions of economic phenomena (IASB, 2008: 39).According to the ED, comparability could be arrived by attaining consistent information by companies, this could happen by enforcing the company to use the same accounting policies and procedures, either from period to period within an entity or in a single period across entities (IASB, 2008: 39).Comparability refers to the users' ability to make comparisons over time between different financial statements of a certain entity and those of other entities (Alfredson et al., 2007).

Timeliness:
The last enhancing qualitative characteristic discussed in the IASB (2010) conceptual framework is timeliness.The framework defines timeliness as having information available to decision makers before it loses its capacity to influence decisions (IASB, 2010).In specific terms, timeliness relates to the decision usefulness of financial reports.It refers to the time it takes to reveal the information in annual reports.It is usually measured in terms of the number of days it takes for the auditor to sign the accounts after book-year end.

The SysTrust's principles
According to the AICPA, SysTrust's framework is an assurance service that independently tests and verifies a system's reliability.It is assumed that any system meets the SysTrust principles should be viewed as being more reliable and thus be trusted more than anyone that does not.In other words, trust in the system of specific provider is influenced by the extent to which the system meets the SysTrust principles.It is referred to as trust in system reliability in this study.According to the AICPA, SysTrust is an assurance service that independently tests and verifies a system's reliability.The five fundamental components (principles) that contribute to the overall objective of the system reliability and related measures are: availability, security, integrity processing, confidentiality and privacy.These SysTrust's principles and criteria are designed to be complete, relevant, objective, and measurable and to address all of the system components and the relationships among them.In some cases, for evidence-gathering purposes, the criteria may need to be broken down.For example, either to be broken down by system component to address infrastructure, software, people, procedures, and data or can be broken down by system development phase which includes investigation, acquisition, implementation, operation, and maintenance.
Based upon the study's conceptual framework, the study hypotheses are formulated and proposed as summarized below: Ho1: The SysTrust's Framework (i.e.five principles: availability, security, integrity data processing, confidentiality, and privacy) are significantly implemented among business organizations.Ho2: There is a significant relationship between the implementation of SysTrust's framework (i.e., availability, security, integrity data processing, confidentiality, and privacy) and the quality of financial reporting.

Research methodology
In order to obtain the empirical data needed to validate the study's conceptual model and examine the research hypotheses, a self -administrated questionnaire was used to collect the required data.The target respondents were the shareholding companies in Jordan and the single key respondents approach was used.The key respondents were financial or accounting managers and financial directors.The identification of the individual business organizations in the country (Jordan) could be done by obtaining names of all companies, as well as their addresses, from a variety of private and public sources in order to identify the type of business sector, and the range of the number of companies in each sector.Restrictions of time and financial resources could make the inclusion of all business companies impossible.Therefore, the target population is only limited to the shareholding companies listed in Amman Stock Exchange Market database.Table 1 gives the demographics of the population and number of respondents by sector.A total of 328 self-administered questionnaires were distributed to the respondents by e-mail, postal, and hand from and the response rate was 73% after a period of sixteen weeks and two follow-up reminders.80% of the respondents were from service sector.Initially, research assistants called the companies to have appointments to distribute copies of the questionnaire to their companies.
Researchers have gained support from several official bodies in collecting data and motivating companies to response and collaboration including University of Brunel, Chamber of Commerce, Jordanian bank Association, Ministry of Higher Education and Ministry of Industry and Commerce.After respondents answered the questions, The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach the assistants collected te copies from them.In editing stage, the responses were reviewed for completeness and 16 questionnaires were eliminated because the respondents either failed to respond to all item measures for latent constructs used in this study or responded "no basis for answering" to some of the item measures.In this survey, some variables are factual (for example, companies' demographic information such as the type of sector), whereas others are perceptual (for instance, SysTrust principles, the quality of financial reporting).The dependent variables (i.e., the quality of financial reporting) and the independent variables (the extent of the implementation of SysTrust principles) were measured using a seven-point Likert scale.

Descriptive statistics
All the 95 items (70 items for SysTrust and 25 items for quality of financial reporting) were tested for their means, standard deviations, skewness, and kurtosis.The descriptive statistics presented below in Table 2 indicate a positive disposition towards the items.While the standard deviation (SD) values ranged from 0.99458 to 1.198, these values indicate a narrow spread around the mean.Also, the mean values of all items were greater than the midpoint (4) and ranged from 5.09 (A7) to 5.58 (S10).However, after careful assessment by using skewness and kurtosis, the data were found to be normally distributed.Indeed, skewness and kurtosis were normally distributed since most of the values were inside the adequate ranges for normality (i.e.-1.0 to +1.0) for skewness, and less than 10 for kurtosis (Byrne, 2010;Black et al., 2010;Kline, 2010).

A1
The system availability requirements of authorized users, and system availability objectives, policies, and standards, are identified and documented. 5

A11
The firm adopts policies and procedures for fast dealing with computerized accounting information system's mistakes to achieve a continuous availability to the system.The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach Construct /items Mean S.D Skewness Kurtosis

C2
The system confidentiality and requirements are communicated to authorized users.

C3
The entity publishes its confidentiality and related security policies on its corporate intranet.

C4
The security administration team has custody of and is responsible for the day-to-day maintenance of the entity's confidentiality and related security policies and recommends changes to the CIO and the IT steering committee 5.2197 1.1860 -0.506--0.160-

C5
The process for informing the entity about breaches of confidentiality and system security and for submitting complaints is communicated to authorized users.The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach

Measurement model validation
This study is applying the Structural Equation Modelling (SEM) technique in order to test and validate the proposed relations among the constructs in the study's conceptual framework.A two-stage approach of the SEM (measurement model and structural model) was employed to analyses the empirical data.By running AMOS21, the model fitness and constructs' reliability and validity were assessed in stage one (the measurement model) by means of the confirmatory factor analyses (CFA).This is followed by a structural model assessment which related to the validation of the conceptual model proposed and the testing of the causal paths the main independent (exogenous) and dependent factors (endogenous).The main independent constructs (exogenous) is the components of SysTrust's framework: (1) availability, (2) security (3) processing integrity, (4) confidentiality, and (5) privacy, while the independent factor is the quality of financial reporting (endogenous) in the conceptual model.All of these constructs were subjected together to both the measurement model and the structural model analysis and the results are presented under the following subsections.

Measurement model: confirmatory factor analysis
The confirmatory factor analyses (CFA) was employed to initially evaluate the measurement model's fitness (unidimensionality), and then measure the constructs' reliability and validity.It is also worth mentioning that the quality financial reporting was considered as a second-order construct.In this regard, relevance, faithful representation, comparability, and understandability as the main constructs for the quality financial reporting and these dimensions represent first-order factors measured through their own observed factors (items).The second-order of the confirmatory factor analyses (CFA) model fit was tested firstly for quality of financial reporting and noticed that it does not have adequate level of model fitness due to the fact that all some of indices do not capture values within their threshold levels (χ2 = 2767.336,df = 204; and χ2/df = 13.565),comparativefit index [CFI] = 0.756, goodness-of-fit index [GFI] = 0.678, incremental fit index [IFI] = 0.755, normed of fit indices [NFI]=0.70 and root mean square error of approximation [RMSEA] = 0.161), AGFI= 0.601 (Hu and Bentler, 1999).Therefore, there is room for some re-specifications and purification (Byrne, 2010).Fundamentally, a refinement process followed a number of criteria to enhance the model's fitness including inspection of standardized regression weights (factor loading), modification indices, and standardized covariance matrix (Byrne, 2010;Hair et al., 2010;Holmes-Smith et al., 2006).By looking at standardized regression weights for each item, it was found that R4 (relevance), R6 (relevance), F2 (faithful representation), U3 (understandability), CC4 (Comparability) all have a value less than the cut-off value (>0.5), and accordingly, a decision was made to delete them.According to the modification indices' table, error terms of R7, U5, U7, and CC6 were found to have a higher error term value, and accordingly these items were deleted (Hooper et al., 2008).By doing so, the CFA for the second order factor regarding the quality of financial reporting was tested again as suggested by Byrne (2010).The yielded fit indices indicted that the goodness of fit of the modified measurement model was adequately improved; all the fit indices this time were found within their recommended level as such: CMIN/DF was 2.720, GFI= 0.918, AGFI= 0.887, NFI= 0.959, CFI= 0.973 and RMSEA= 0.071 (see Table 3).

Model fitness for all constructs
A number of fit indices (CMIN/DF; GFI; AGFI; NFI; CFI; RMSEA) have been tested to ensure an adequate level of model goodness of fit to the data (Byrne, 2010;Hooper et al., 2008).As seen in Figure (3), seven latent constructs [Availability, security, processing integrity, confidentiality, and privacy, quality of financial reporting] formed the measurement model and therefore are subjected to the confirmatory factor analysis (CFA).Furthermore, 88 indictors (items) were adopted to measure these latent constructs as illustrated in the research methodology.As shown in Table 4, the preliminary measurement fit indices were found as follows: chi-square (CMIN/DF= 2.323; GFI= 0.730; AGFI = 0.710, RMSEA= 0.062; NFI = 0.837; CFI = 0.900.Having a closer look at some of the fit indices (e.g.GFI, AGFI, NFI), the model does not seem to have adequate fit to data, and therefore, there is room for some re-specifications and purification (Byrne, 2010).Fundamentally, a refinement process followed a number of criteria to enhance the model's fitness beginning with inspection of standardized regression weights (factor loading), modification indices, and standardized covariance matrix (Byrne, 2010;Hair et al., 2010).The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach By doing so, the CFA was tested again as suggested by Byrne (2010) and Kline (2005) without problematic items.The yielded fit indices indicted that the goodness of fit of the modified measurement model was adequately improved; all the fit indices this time were found within their recommended level as such: (Chi-square minimum discrepancy/degree of freedom) CMIN/DF was 1.892,(Goodness-of-Fit Index) GFI= 0.901, (Adjusted goodness-of -Fit ) AGFI= 0.818, (non-normed fit index) NFI= 0.903, (comparative fit index) CFI= 0.953 and (the root mean square error of approximation) RMSEA= 0.046 (see Table 4).Furthermore, the rest of the estimates were found within their recommended values; for instance, all remaining items were observed to have factors loading above the threshold value (>0.5).Standardized residual values were also found within the acceptable range of ±2.58 (Hair et al., 2017).These fit indices collectively indicate that the overall fit of the measurement model is acceptable.Thus, there was no need to conduct any extra modifications or amendments in the measurement study's model (Byrne, 2010).

Reliability & validity
As shown in Table 5, all constructs were tested to ensure an adequate level of scales reliability using Cronbach's alpha, composite reliability (CR) and average variance extracted (AVE).Statistical findings in this regard indicated that all latent constructs have Cronbach's alpha (α) value above the cut-off point of 0.70 ranging between 0.965 for integrity processing and 0.965 for Security (Nunnally, 1978).By the same token, CR for all latent constructs existed within their respective level of 0.70 as reported by Hair et al. (2010).Table 5 indicates that while the highest CR (0.906) was noticed for the quality of financial reporting, the minimum value was exhibited by the availability of AIS (0.832).Moreover, as seen in Table 5, the AVE value of the latent constructs ranged from 0.555 availability to 0.709 quality of financial reporting, which all above the cut-off value of 0.50 as are recommended by Hair et al. (2017).Both convergent and discriminate validity were inspected to measure the constructs validity.Relating to the convergent validity, we note (Table 6) that all unremovable items had s significant standardized regression weight with their latent constructs above the cut-off value of 0.50 and were statistically significant with the p value less than 0.0001 (Hair et al., 2017).By investigating the correlation among latent constructs, the highest value of inter-correlation estimates was less than 0.85 (Brown, 2006;Kline, 2005).Furthermore, as shown in Table 6 all latent constructs had squared root of AVE higher than the inter-correlation estimated as well as with other corresponding constructs.In light of these results, the model measures had attained an adequate level of convergent and discriminate validity.

Structural model and hypotheses testing
The structural model is used to validate the conceptual model and test the research hypotheses (Byrne, 2010;Hair et al., 2010).An inspection of structural model was conducted with 9 causal paths between independent factors (exogenous factors) and dependent factors (endogenous factors).As summarized in With regard to the path coefficients analyses, the coefficient values of the paths ending to quality of financial reporting including: Processing Integrity of AIS (γ=0.29,p<0.0159);Confidentiality (γ=0.400,p<0.000); and Privacy (γ=-0.397,p<0.000) security (γ=0.2705,p=0.046) and Availability of AIS (γ=-0.2911,p<0.030) and quality of financial reporting were found to be statistically significant.This result is supported by Konrath, 2002), Ricchiute, 2006,). Daneilia, (2013), and Toposh (2014).In summary, the magnitude and significance of the loading estimates indicate that all of these five principles of SysTrust are relevant in predicating the quality of financial reporting.Moreover, the reliability of AIS by implementation of these five principles of SysTrust have significant impact on the quality of financial reporting, as the structural coefficient for these paths are significant.Thus, in order to enhance the quality of financial reporting, companies should fully implement all these main requirements of SysTrust; s framework (principles and criteria).

Contributions and implications
This study has extended the understanding of the practice and implementation of the main constructs of the SysTrust's framework (Availability, Security, Integrity processing, Confidentiality and Privacy) as an internal control method for assuring the reliability of AIS by testing the phenomenon in a new environment.In the literature review, it was pointed out that most of the researches in this area were conducted in developed countries.To the best knowledge of the researchers, the implementation of the SysTrust and its relationship with the quality of financial reporting as proposed in this study has never been investigated in Jordan or any other developing countries, particularly within MENA.This study contributes to the existing body of knowledge by enhancing current understanding of importance of the implementation of the SysTrust's framework requirements (functions, policies, procedures and criteria) as internal control system for assessing AIS reliability, which is an under-researched area in Jordan as a developing country.However, explanations of several findings mentioned above, indicate the importance of contextual factors within organizations and its environment.By highlighting the significance of several contextual factors, this study also hopes to expand the focus of SysTrust's principles.
This study provides some insights into the implementation of SysTrus's framework by Jordanian shareholding companies, which should help accounting managers, auditors and practitioners, acquire a better understanding of the current SysTrust's principles implementation status and the importance of its relationship with the quality of financial reporting.The present study has many important implications for accounting managers, auditors and financial practitioners and top managers in the surveyed companies and in similar organizations.The authors believe that the decision-makers of business organizations could benefit from this study's findings by achieving better understanding of implementation of the SysTrust's framework requirements for assuring the reliability of AIS (functions, policies, procedures and criteria) as well as its influence upon the level of quality of financial reporting.This might help them in implementing the required actions and important changes within their organizations.Decision-makers should also be aware of the important of each principle of the SysTrust's framework and its major requirements that highly related to the quality of financial reporting, so that they can make the right decision and directions for any change within their organizations.All the principles of the SysTrust are relevant and should be emphasized.The reliability of AIS in shareholdings companies should be enhanced by the implementation of all the principles of SysTrust's framework (availability, security, confidentiality, integrity processing and privacy).The indicators for each SysTrust's principle suggest how that principle should be impacted by management action.
The impact of the implementations of the Sysrust's framework upon the quality of financial reporting: structural equation modelling approach However, this study has several limitations that should be considered when evaluating and generalizing its conclusions.However, the limitations discussed below can provide a starting point for future research.The study was conducted in one country, Jordan.Although Jordan is a valid indicator of prevalent factors in the wider MENA region and developing countries, the lack of external validity of this research means that any generalizations of the research findings should be taken with caution.Future research can be orientated in other national and cultural settings and compared with the results of this study.The data analysis was cross-sectional.As with all cross sectional studies, the parameters tended to be static rather than dynamic.This drawback limits the generalization of the study's findings to further situations and beyond the specific population from which the data was gathered.Future longitudinal studies could provide a better understanding of the implementation of AIS over time.The study used the multiple informant approach for data collections.This approach might not provide the consistent view about the organization.However, by using single informant approach in future research, the problem of consistent responses should be solved.

Table 8 . Fit Indices of Structural Model
Table6, the main statistical results indicated all the fit indices of the structural model were found to be within their threshold values as such CMIN/DF was 1.970, GFI= 0.903, AGFI= 0.807, NFI= 0.901, CFI= 0.954 and RMSEA= 0.053.Thus, suggesting that structural model adequately fit the data.Moreover, statistical results largely supported the conceptual model via explaining 74 per cent of variance in quality of financial reporting.