Thus, anecdotal reports of sub-optimality in relationships between the internal audit and information
systems security functions may be due to organizational characteristics that affect the quality of
communications. In order to explore this possibility and identify other potential factors that may hinder or
advance the development of optimal cooperation between the internal audit and information systems
security functions, we conducted a series of semi-structured interviews with both internal auditors and
information systems security professionals.