In order to conduct an initial examination of the factors that influence the nature of the relationship
between an organization's information security and internal audit functions,we conducted a set of structured
interviews at four organizations in the education industry. Appendix A presents the list of questionswe asked
and the underlying source motivation for each topic. Table 1 provides descriptive demographic information
about our sample.