The Impact of the Decisions of the COBIT 5 Committee on the Effectiveness of the Internal Control Systems in the Jordanian Industrial Joint Stock Companies

The objective of this study was to identify the impact of IT governance under the COBIT5 framework on the effectiveness of internal control systems in Jordanian industrial companies. In order to achieve the objectives of this study, the descriptive and analytical methodology was used. The study society is composed of the accounting and financial departments, the number of (65) questionnaires were distributed to each company from the study sample of (43) companies, the researchers retrieved (97) questionnaires. After reviewing the retrieved questionnaires it was found that there are (4) questionnaires that are not valid for the statistical analysis. And thus the suitable number of questionnaires for analysis is (93). In order to analyze the study data and test hypotheses, the SPSS program was used in the various statistical analyzes, descriptive statistics and the internal consistency coefficient (Kronbach Alpha). The multiple linear correlation test was also used using the Pearson correlation coefficient and the variance inflation coefficient, Analysis of simple and multiple linear regression. The study reached several results, the most important of which was the existence of a strong and statistically significant relationship between the implementation of COBIT5's decisions (planning and organization, acquisition and implementation, service provision and support, evaluation and observation). The study concluded with several recommendations, the most important of which was the increase in the degree of companies' use of the pioneering brainstorming method in the qualification of employees within the companies and evaluating their performance according to the COBIT framework.5 In addition to the need for companies To develop future plans to activate the concept of control and auditing in the environment of the computer and the gradual transition to modern control methods, including automatic control under the COBIT5 framework.


Introduction
The importance of access to information technology for the technology produced by this technology is an appropriate output that enables users, managers and decision-makers to make the right decisions by accurately defining, planning and organizing corporate IT strategy, how to access it, use and deliver its resources and infrastructure To the different administrative levels, and to maintain them through control and provision. This is what is now called the term "IT governance, which is defined as: a set of responsibilities and practices of the Board of Directors And executive management with a view to the strategic leadership of the company to ensure the achievement of goals, and risk management appropriately and verify that the company's resources are used well.Given the importance of having control tools that control and manage the work of IT systems in companies, it was necessary to adopt control frameworks governing information technology in companies and such frameworks called COBIT: Control Objectives for Information and Related Technology, which was established as an IT control tool through 34 high-level oversight objectives, encompassing four dimensions: planning, organization, ownership, implementation, delivery, monitoring and evaluation (Edmead, 2015). The COBIT5 framework for information technology risk management is designed to assist managers, auditors and users in understanding their IT systems, as well as to help develop their governance model, and to choose the level of security and control necessary to protect the assets of the company efficiently and effectively.
Based on the above, the present study will attempt to explain the effect of applying the decisions of the Cobit 5 Committee on the effectiveness of internal control systems in the Jordanian industrial companies.

The Importance of the Study
The importance of the study is to try to monitor the impact of implementing the COBIT 5 decisions in increasing the efficiency of the internal control systems in the Jordanian public joint stock companies to keep abreast of the developments in the accounting systems in order to enable them to perform the duties effectively according to the automated systems.

The Study Problem
The problem of the study is to know the expected impact of implementing the COBIT 5 decisions on the efficiency of the internal control systems applied in the Jordanian public joint stock companies. The study problem can be formulated according to the following main questions: The main question: Is there an impact on the implementation of COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies? The following sub-questions are divided: 1 -Is there an impact of the applicationof the scope of the organization and planning according to COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies.
2-Is there an effect for the application of the acquisition and implementation according to COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies.
3-Is there an impact to the application of the service provision and support according to COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies.
4-Is there an impact for the application of the evaluation and direct observation feature and COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies.
5. Is there an impact of the application of monitoring, evaluation and assessment in accordance with COBIT's decisions on the effectiveness of the internal control system in the Jordanian industrial companies?

Hypotheses
Based on the questions of the study problem, the hypotheses of the study focused on the following: The main hypothesis: Is there no effect on the implementation of COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies? The following sub-assumptions are subdivided: 1 st Sub-hypothesis: There is no effect of the application of the scope of the organization and planning according to COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies 2 nd sub-Hypothesis: There is no effect of the application of the acquisition and implementation of COBIT 5 on the efficiency of the internal control system in the Jordanian industrial companies 3 rd Sub-Hypothesis: There is no impact of the application of the service delivery and support in accordance with the COBIT 5 Committee on the efficiency of the internal control system in the Jordanian industrial companies 4 th Sub-Hypothesis: There is no effect of the application of the evaluation and direct observation feature COBIT 5's decisions on the efficiency of the internal control system in the Jordanian industrial companies 5 th Sub-hypothesis: There is no effect of the application of the monitoring, evaluation and assessment in accordance with COBIT 5's decisions on the efficiency of the internal control system in the Jordanian industrial companies

Previous Studies
Study (Michele et al., 2017) entitled an empirical examination of cobit as an "internal control framework for information technology" The study aimed to highlight the assessment of information technology systems using COBIT. The study used a questionnaire as a tool for study. The study society represented (all the shareholding companies). The sample of the study was 220 employees. The questionnaire was distributed with the same number of employees. That the COBIT conceptual model of auditing assessments related to internal control, and that theCOBITconceptual model predicts the conduct of the auditor in the field. The study recommended the need to propose independent research aimed at developing a general theory of internal control applicable to information technology on the basis of COBIT. MutiaraAb et al. (2017), "Analyzing COBITt5 it audit framework implementation using ahp methodology" The study aimed to identify the COBIT system as the best criterion for the practice of government supervision in terms of information technology and its evaluation. The study used the hierarchical analysis process for a group of organizations and companies in Indonesia. The study showed that there are many benefits resulting from its use, And the study showed that many Indonesian organizations are using this technology. The study also recommended the use of the COBIT standard in the control of information and technology, And then use this study to strengthen the theoretical framework.
The study aimed to shed light on the importance of the COBIT system in the information security framework, and the study tool was represented by a study entitled "The effectiveness of COBIT 5 information security framework for reducing cyber attacks on supply chain management system" The researcher used the case study methodology, a single company with a global presence based in the United Kingdom. 115 questionnaires were distributed to a group of employees and department managers randomly selected from the company chosen to study the case. The study also concluded a series of results, That the COBIT system is of great importance in maintaining the supply chain management system from penetration. The study also recommended to rely primarily on COBIT system in order to maintain the supply chain management system from penetration.
The concept of information technology governance IT governance under the COBIT 5 framework defines "governance as ensuring that stakeholders' needs, conditions and options to achieve balanced and agreed-upon goals at the enterprise level and to be achieved through prioritizing and decision-making, performance monitoring and compliance with agreed trends and objectives" (Preittigun et al., 2012).
Governance has also been defined as "an ongoing process that helps define the overall direction of IT management and imposes control over the entire ecosystem in IT according to business objectives" (Al Skafy and Al Theebah, 2012).
It has also been defined as "a set of processes that ensure the effective use of information technology to help achieve its objectives" (Khnyile and Abdullah, 2012).
Governance has been defined as a tool for assessing, guiding and ensuring the use of information technology to support the institution in order to achieve its expected objectives.
The importance of IT governance and the barriers to its adoption IT Governance is an important part of our time because of its leadership in increasing the efficiency of companies and the effectiveness of their work, helping them to evaluate their internal control systems. The importance of information technology governance is as follows (Abdul Rahman, 2013): -Developing an information technology strategy and working on operational and strategic examination.
-Development and management of IT systems.
-Ensure that business projects are completed.
-Identify methods, means and processes associated with information technology.
-Identification of best practices in the field of technological development.
-Management and development of applications for information technology.
-Development of performance indicators .
-Increase the capacity of information technology to attract inventions and innovations and to achieve the desired benefits.
The concept of COBIT 5 and its various areas and their relationship to internal control systems and auditing: There are several definitions of COBIT 5: "A comprehensive framework that helps companies create optimal value by maintaining a balance between achieving benefits, improving risk levels and using resources" (ISACA, 2014).
It is also known as the "governance and management framework for relevant information and technology that begins with the information and technology needs of stakeholders, including all institutions, including non-profit organizations and the public sector" It is also defined as "a framework that helps companies create optimal value in information technology by maintaining a balance between achieving benefits, improving risk levels and using resources" (Samiotakis, 2013).

Planning and Organization
This is a key pillar in building IT governance and corporate governance. The controlling key has a number of objectives, which aim to coordinate technology and company activities through short-and medium-term planning. The company has to provide technology infrastructure and structure And technical staff, and communicate with them in relation to technical management requirements. It includes all of the following: (Romero et al., 2017).
 Information Technology Department:  Management of strategy  management of the structure of the institution  Innovation Management  Management of the portfolio  Relationship management  Human resources management  Risk management  Quality management

Ownership and Implementation
It is intended to determine the requirements and ownership of information technology to successfully carry out business within companies. This controlling factor includes the following objectives: (Bakshi, 2017).
1. Managing changes, acceptance and conversion 2. Program and project management 3 -Management of the identification of requirements 4 -Management solutions identify and build 5-Knowledge management

Support and Connection
This scope focuses on adding value to the IT system as well as providing data support and processing correctly to sustain business activities, maintaining continuity of information flow and making it permanently available to internal and external beneficiaries. This includes the following objectives (Iqbal et al., 2016): 1. Operations management 2. Asset management 3. Service and event management 4. Problem Management: 5. Business continuity management 6. Security management 7. Management of business process controls (Romero et al., 2017) This framework provides for a plan for the follow-up and evaluation process, which explains what to follow, what activities are needed to conduct the monitoring and evaluation process, who is responsible for them, and the date and place of their conduct. This controlling factor has the following objectives:

Monitoring and Evaluation
1. Monitor and evaluate performance and conformity 2. Control of the internal control system 3. Monitor and assess compliance with external requirements

Guidance and Monitoring
Monitoring is the collection and analysis of information relating to a project or program and is carried out during the implementation of the project or program. Guidance is the periodic guidance of an organization, project or program that may be conducted internally or by independent external evaluators. This controlling factor includes the following objectives (Abdelbasset, 2014): 1. Ensure transparency of stakeholders 2 -Ensure the delivery of benefits 3. Ensure risk improvement 4. Ensuring improved resources Thus, the researchers see that the development of the internal control system came to keep abreast of the developments, events and major changes that took place in all fields of industrial, commercial and technological, resulting from the expansion in the size and type of companies and the complexity of their operations and the emergence of so-called multinational companies and their spread over large areas by professional people who do not own them. The managements of these companies need to create and develop effective control systems capable of providing protection for their properties, monitoring their operations and making sure that the use of their resources is carried out efficiently and effectively to achieve their objectives and protects the management from legal liability towards all concerned parties and attention to the company's affairs.
Based on the above, the need for an internal control system under IT governance applications can be summarized as follows: 1. Separation of ownership from management 2. Organizational structure of the project and its ramifications 3. The need of government agencies for data and information The researchers agree with (Michele et al., 2017) that the use of information technology under the framework of the framework (Cobit5) in the audit accounting information systems reduce the time spent and thus reduce costs and improve the quality of the audit process and the efficiency of internal control systems The existence of risks related to the security of computer information requires the provision of an appropriate degree of information security and electronic protection of accounting information systems and internal control systems so as to ensure that the information technology used in the company helps to achieve its strategy and expand and achieve its objectives and build relationships and work. In order to achieve its objectives by maximizing the results while taking into account the risk balance against the expected return of information technology as a result of using the Cobit5 framework.
In this sense, researchers believe that it is necessary for companies to keep pace with this development by developing future plans to activate the concept of auditing in the environment of computer and gradual transition to modern methods of control, including automatic control, which can be defined as testing on programs used within the computer to tighten As well as the study of procedures and work steps used in the input of data to the computer and the methods of control to ensure the integrity and validity of data entered to the computer in addition to the evaluation of internal control systems on the inputs and outputs of the operation of the computer Automated use of corporate electronic accounting information systems.

Society and the Study Sample
The study group consisted of the staff of the accounting and financial departments and the internal audit unit of the Jordanian public companies. The total number of (65) questionnaires were distributed to each company from the study sample of (43) companies, from which the researchers retrieved (97) questionnaires. After reviewing the retrieved answers, There are (4) questionnaires that are not valid for the statistical analysis. Thus, the number of valid questionnaires were (93) questionnaires.

Characteristics of the Study Sample
Table (1) shows the distribution of sample members according to the personal variables of the study sample: Table (1) shows the following: 1. The highest percentage of the distribution of the members of the sample according to the variable of scientific qualification (62.4%) of the scientific qualification (Bachelor), which is high, while the lowest percentage (3.2%) of the scientific qualification (PhD),which is a small proportion, That indicated the focus of companies on the employment of university degree holders considering their good cultural level, which makes the study sample qualified to answer the items of the questionnaire and reliance on them. 2. The highest percentage of the distribution of the subjects according to the variable of study specialization (68.8%) was for accounting (high), while the lowest percentage was (4.3%) for IT specialization. The focus of the study is on the accounting specialization as the main specialization capable of working in this field. Thus, the study sample has the concepts, principles and methods of accounting during their university stage, which increases their awareness of the importance of the subject of this study and thus can be relied on in their answers. 3. The highest percentage of the distribution of sample members according to the variable vocational certificate( other ) (59.2%), that indicated people with no vocational certificate ,which is a high percentage compared to those with a vocational certificate. This percentage may not lead to a professional certificate indicating the lack of interest by the companies to encourage their employees In order to qualify them for professional certificates and appoint them, where the direction of the management of companies towards the initial university degrees and training and have sufficient experience. 4. The highest percentage of the distribution of the sample members according to the variable years of experience in companies (30.1%) for the period of experience (more than 20 years), while the lowest percentage (10.8%) for the period of experience less than 5 years, The study sample has sufficient experience, especially if it is dealt with with scientific specialization and scientific qualifications, which strengthens the results of this study.

Testing the Validity and Stability of the Study Instrument
The validity of the content of the tool used in the study was verified by presenting it to a group of faculty members with experience, competence and management in the 93 companies, to express opinion in each field of study and the wording of the paragraphs and the extent of the relevance of each paragraph in its field. And the addition of new questions to conform to the proposals and observations of the arbitrators, and thus became the tool of the study (questionnaire) with a final form of (55) paragraphs distributed over (6) areas.
While the stability of the study instrument means being consistent with stability, reliability and predictability of the results; that is, the degree of consistency or consistency in the results of the questionnaire applied more than once in similar circumstances. To calculate the stability of the study instrument, the study tool was divided into six domains to measure the stability of each field and the instrument as a whole. The internal consistency test was used for the Cronbach Alpha results of the sample of the study obtained. Its high value indicates a high degree of stability,and The value that is statistically acceptable for this measure is (60%) or more (Sekaran and Roger, 2013), In other studies, the value is statistically acceptable if it is (70%) or more. It is clear from the results of the data analysis in Table (2) that the result of the stability of the subjects is high. The tool as a whole Table (2) shows that the coefficients of the Cronbach Alpha coefficients were high and that the stability of the subjects as a whole was high at (88.3) indicating that the study instrument has high reliability.

Correction of the Scale
The questionnaire consisted of (55) paragraphs. The researchers used a five-dimensional Likert scale to measure the opinions of the study sample members, and was given a very non-approved (1),non-approved (2), neutral (3), approved(4) very approving (5 ), By marking (√) to the answer that reflects the degree of their approval, and the following classification was based on the following five-point calculation methods: The level of effectiveness was determined according to the following measure: The length of the class = (the upper limit of the alternative -the minimum of the alternative) / the number of levels (5-1 /) 3 = 1.33 The levels are as follows: A low approval score is less than 2.34. The average approval level is 2.34-3.67. High approval level of 3.67 and above.

Natural Distribution
In order to determine the normal distribution of the sample data, the Kolmogorov-Smirnov Z test was applied to all fields of study and oneach variable be it independent and dependent. The natural distribution data is followed if the probability of testing is greater than 0.05%. Table (3) shows the test result:  Table 3 shows that the test value (Kolmogorov-Smirnov Z) for the study domains ranged from 1.13 to 1.35, which is acceptable at a significance level (0.05) where the probability ratios for all responses were greater than (0.05) Statistical analysis of this study, thereby ensuring that distribution is a natural distribution of all domains. Table 4 shows the value of VIF and Tolerance The first hypothesis The VIF test was used to verify that there was no problem of multiple-link multiplexing because it is considered a problem as one of the problems encountered in the statistical estimation of regression coefficients. The above table shows that there is no problem of multiple correlation between independent variables being less than 5, and thus accepting the level of variance in each independent variable.  (5) shows the arithmetical averages and standard deviations of the field of planning and organization and the grade level according to the arithmetic average and the degree of importance from the point of view of the study sample.          The company has an effective information and communications system that is effective and effective in communicating information to all levels of management with a view to controlling procedures . 4.03 0.68 9 High The company's information system provides accurate information that contributes to the improvement of its control procedures 9 4.00 0.69 5 High The company must have a communication system that reflects clarity in all the powers and responsibilities of its employees to serve its supervisory procedures

Results
Discussion of the study results: The main hypothesis: There is no impact on the implementation of COBIT 5's decisions on the efficiency of the internal control system in Jordanian industrial companies To test this hypothesis, multiple regression analysis was used to identify the relationship between the implementation of the COBIT5 Committee's decisions (planning, organization, acquisition and implementation, service delivery and support, evaluation and direct observation, monitoring, evaluation and assessment) Views The table shows a strong and statistically significant relationship between the implementation of COBIT5's decisions (planning, organization, acquisition and implementation, service provision and support, evaluation and direct observation, monitoring, evaluation and assessment) of the efficiency of the internal control system in Jordanian industrial companies) Where the value of Freached (20,274) and a In statistical significance (0,000), it reached Adj. R2 (51.2%), which represents the influence of the independent variable (COBIT5) in the dependent variable (the efficiency of the internal control system), thus rejecting the main null hypothesis and accepting the alternative hypothesis.
Results related to the first sub-hypothesis: There is no effect to apply the property planning and organization according to COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies.
The result of the multiple regression showed a positive correlation between planning and organization and the efficiency of the internal control system and statistical significance. The result indicates that increasing the independent variable by 1% leads to increasing the dependent variable by (0.220) units, thus rejecting the null hypothesis and accepting the alternative hypothesis.
Results related to the 2 nd sub-hypothesis: There is no effect to apply the acquisition and implementation in accordance with COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies The result of the multiple regression showed a positive relationship between acquisition and implementation according to COBIT 5 and the efficiency of the internal control system. The result indicates that increasing the independent variable by 1% leads to increasing the dependent variable by 0.113 units, thus rejecting the null hypothesis and accepting the hypothesis Alternative.
Results related to the 3 rd sub-hypothesis: There is no trace of the application of the service provision and support in accordance with COBIT 5 decisions on the efficiency of the internal control system in the Jordanian industrial companies The result of the multiple regression showed a positive relationship between the application of the service provision and support according to COBIT 5 and the efficiency of the internal control system in the Jordanian industrial companies and statistical significance. The result indicates that increasing the independent variable by 1% leads to increasing the dependent variable by (0.191) , Thus rejecting the nihilistic hypothesis and accepting the alternative hypothesis.
Results related to the 4th sub-hypothesis: There is no effect on the application of the evaluation and direct observation feature. The decisions of the COBIT 5 Committee on the efficiency of the internal control system in the Jordanian industrial companies The result of the multiple regression showed a positive relationship between the application of the evaluation property and the direct observation and the COBIT 5 decisions and the efficiency of the internal control system. The result indicates that increasing the independent variable by 1% leads to increasing the dependent variable by 0.116 units, thus rejecting the null hypothesis we accept the alternative hypothesis.
Results related to the 5 th sub-hypothesis: There is no impact on the implementation of the monitoring, evaluation and evaluation of COBIT 5's decisions on the efficiency of the internal control system in the Jordanian industrial companies The result of the multiple regression showed a positive relationship between the application of monitoring and evaluation and evaluation in accordance with COBIT 5 and the efficiency of the internal control system. The result indicates that increasing the independent variable by 1% increases the dependent variable by 0.126 units, thus rejecting the null hypothesis we accept the alternative hypothesis. Monitoring, evaluation and assessment ***, **, * means that the significant level is at 1%, 5% and 10%, respectively 4.1. Results and Recommendations 4.1.1. Results 1. The existence of a strong and statistically significant relationship between the implementation of COBIT5's decisions (planning, organization, acquisition and implementation, service provision and support, monitoring, evaluation and assessment) in the efficiency of the internal control system in Jordanian public joint stock companies 2. The result of multiple regression showed a direct correlation between planning, organization and efficiency of an internal control system of statistical significance 3. The result of multiple regression has shown a direct correlation between acquisition and implementation in accordance with COBIT 5 and the efficiency of the internal control system. 4 -The result of multiple regression showed the existence of a direct relationship between the application of the provision of service and support in accordance with COBIT 5 decisions and the efficiency of the internal control system in the Jordanian industrial companies and statistical significance. 5 -The result of multiple regression showed the existence of a direct relationship between the application of the property of evaluation and direct observation and the decisions of COBIT 5 and the efficiency of the system of internal control and statistical significance. 6. The result of multiple regression showed a positive relationship between the application of monitoring and evaluation and evaluation in accordance with COBIT 5 and the efficiency of the internal control system.

Recommendations
-Increasing the degree of corporate use of leading brainstorming method in the qualification of employees within companies and evaluating their performance according to COBIT 5 framework. -The need to update and develop information technologies, especially those related to technology because of their role in maintaining the continuity of companies commensurate with their current and future plans. -Increase the degree of verification and verification of the provision of appropriate security controls that ensure the safety of corporate information security. -Increasing the level of efficiency and effectiveness in the procedures of control systems on the company's daily operations because of its importance in reducing the level of control risks. -It is necessary for companies to develop future plans to activate the concept of control and auditing in the environment of the computer and the gradual transition to modern methods of control, including control under the framework COBIT5 -Study the procedures and work steps used in data entry for the computer and control methods in accordance with the framework COBIT5 to ensure the integrity and validity of data entered to the computer in addition to the evaluation of internal control systems on the inputs and outputs of the operation of the computer in the use of companies to electronic accounting information systems