Developing a GIS Audit Framework in the Context of Information Technology though a Reductive Model Approach ()
1. Introduction
In the context of GIS audit, a framework is a reference for undertaking GIS audit [1] . The extent to which GIS is utilized in an organization should be audited to ensure monitoring and evaluation. Previous GIS audit frameworks are designed for specific operations and may require calibration or customization for a more meaningful result that fits users’ need [2] . This necessitates a generic framework that provides a wide range of audit aspects within various levels of GIS. The main objective of this paper was to present the design of GIS audit framework through a reductive model approach.
GIS is broad and complex [3] which poses a challenge in the design of the audit framework, considering that GIS inputs & outputs are distinct and specific to particular applications [4] . In this regard, a reductive model approach was adopted in the design of the audit framework. The approach ensures that the entire GIS is presented in terms of its components and still preserves its identity [5] . The reductive model approach addresses the complexity and multidimensionality of GIS audit [6] , by breaking down the main parameters and focusing on sub-parameters. The next section reviews the reductive model approach and its application in GIS audit, followed by a presentation of on the approach in the design of the GIS audit framework. The framework is then presented subsequently.
2. Literature Review
2.1. Reductive Model Approach
Information systems are complex and comprise several integrated components [7] . The complexity makes development of audit framework demanding and difficult [8] . The audit framework parameters may not be exhaustively captured, necessitating use of strategies to simplify and reduce complexity [9] . Reductive model approaches have been applied to provide approximations related to parameters under consideration [10] . Reduction provides an explanation that decomposes complex activities and localizes components within the complex system [11] . It implies that a theory which describes phenomena at a particular set of large scale may be reduced to theories appropriate at smaller scale [12] .
2.2. Introduction to Reductionism
Reductionism is an approach that is used in many disciplines including psychology that is centered on the belief that something can be explained by breaking it down into its individual parts [13] . The idea of reductionism was introduced by a French philosopher “Rene Descartes” back in 1637, where he argued that a complex system can be explained by reducing its fundamental parts [14] .
Recent literature suggests that reductionism originates in what is called “multi-scale argument” based on the fact that numerous successful scientific models appeal to features and properties from wide range of scales [15] . The model concerns the behavior of materials that display radically different behaviors at different length of scales [16] . It is based on the assumption that any complex system is best understood by analyzing its physical parts in isolation [17] . The perspective taken by this paper is that GIS is composed of components such as data, software, hardware, people and methods [18] . While a component such as hardware is obvious, diversity or quantity of data, software, competency and procedures that professionals use are sometimes overlooked [19] . There is need for them to be analyzed and reduced in order to arrive at optimal audit elements.
2.3. Common Applications of Reduction
The reduction approach holds a significant influence and application on information system, medical science and biology [20] . In information system, understanding system behavior proceeds from bottom-up by aggregating explanations of individual components behaviors [21] . Basic concept is approximation of large scale dynamic systems [22] . It decomposes a given system into a number of subsystems for computational efficiency and design simplification [23] .
2.4. Reduction in GIS
GIS comprises components with complex elements and connections linking them [24] . This necessitates breaking down the complexity of such a system [25] . Even though there isn’t a generic approach for resolving system complexity, information systems problems are context specific [26] . Reducing complexity of GIS involves an approach that introduces GIS concept to determine what exactly need to be reduced [27] .
Not much has been done for GIS reduction but literature reveals that reduction approach has been applied to reduce complexity of GIS vector data during transmission [28] . In information system, reduction has been applied to deal with complexity where reduction mechanisms such as partition, projection and filtering are applied to reduce quantity or diversity of elements [10] . Also, attribute reduction model has been applied to provide parameter approximations for massive and complex information system datasets [29] . Figure 1 illustrated the GIS audit reduction process.
The strategy for reducing GIS audit complexity is centered on interpretation of elements that represent GIS as a system [30] . Essential elements and their relationships are understood qualitatively by applying partition as the main reduction strategy of abstracting audit elements [9] . From Figure 1, partition involves breaking down quantity and diversity of GIS audit parameters into simplified elements [31] . Four aspects: quality, functionality, performance, monitoring & evaluation are considered meta-models that correspond to general concepts for describing GIS audit [9] . The meta-models are themselves models comprising concepts that guide in abstraction of audit elements [32] .
The meta-models are explored to come up with simplified essential audit elements [9] . Audit concerns are addressed through formation of classes/categories in relation to each aspect under consideration [33] . For instance, quality elements characterize fitness for use and production of GIS products and services with quality level that fulfils requirements [34] . Abstraction focuses on essential
Figure 1. GIS audit reduction (source owner).
quality elements categorized into spatial location, relationship and attribute information that provide an effective framework for encoding geospatial data [35] .
Similarly, Functionality of a GIS software is characterized by analytical capability and suitability aspects that determines its ability to achieve desired objectives [24] . Commercial and open source GIS software has significant variation in terms of functionality [36] . Based on software platform (desktop, web, server or specialized) used, software utilization is centered on software effectiveness to the defined GIS application [37] . Abstraction of software functionality is based on elements deemed to provide primary needs to solve spatial issues categorized into mapping, spatial analytics, external environment support and customization [38] .
More so, a successful GIS performance is defined by competencies that address workforce need within a particular work setting [39] . This involves professionals with specialized skills and general competencies that influence their ability to manage GIS resources [40] . However, evolving set of responsibilities and expectations associated with GIS professionals poses a challenge on addressing the knowledge and abilities they are expected to possess [41] . Abstraction of essential GIS competency audit is therefore based on elements that support organizational needs, categorized into technical knowledge and skills, workplace competencies and personal effectiveness [39] .
In addition, monitoring & evaluation aspect provide procedures to oversight GIS implementation, datasets, technology and resources [42] . With GIS attributed to various technologies, processes and methods [18] , the complexity of monitoring and evaluating GIS is simplified with respect to GIS procedures that focus on staying up to date in line with GIS components, resources and technology [43] .
The classes/categories resulting from explored meta-models are filtered to provide reduced elements for entire model [9] . Filtering is restricted to properties or attributes explicitly related to each GIS audit parameter [44] as presented in Table 1. For example, quality involved filtering audit elements aspects with respect to accuracy or thoroughness of spatial and attributed information [45] . They reflect quality elements that facilitate compliance and consistency of GIS Data [46] . On the other hand, GIS software functionality filtration was based on those that match common users’ needs: capture, store, retrieve, manage, display, and analyze all types of spatial & non-spatial data [47] . This is with respect to GIS application need aimed at reducing the resources and costs associated with supporting bundled GIS software tools [48] . Similarly, filtration of performance involved elements of qualified and successful geospatial industry workforce with respect to sector-specific, personal effectiveness and management competencies [41] . Additionally, monitoring and evaluation were filtered with respect to basic
procedures for managing a progressive GIS that support successful operations, data management, applications development, customer support and GIS funding [49] .
There isn’t a perfect solution to reducing system complexity neither is there a specific standard approach [26] . For complex systems such as GIS, context specific approach is recommended [9] . This approach starts with review of concepts underlying the system [33] . This enables understanding system dynamics to assist in analysis & identification of quantity or diversity of reduction elements [50] . Model abstraction mechanisms & strategies such as projection and partition are applied to reduce quantity or diversity of elements and their interrelations [9] . Partition focuses on breaking down the entity into pieces [31] while projection focuses on compacting the entity [51] and still preserves the physical properties after reduction.
In this paper, partition has been applied as the main strategy for reducing GIS audit parameters. The audit parameters have been broken down into simple elements that focus on pertinent audit elements. It may be difficult to understand all associated elements for a system that is constantly evolving like GIS [52] . This may render GIS as a system perceived more than the sum of broken elements, such that aggregation of broken elements may not equal to a complete GIS system. Major benefit of this reduction is that the complexity of GIS system is decomposed into smaller elements that are easier to investigate and work with for a successful audit engagement [21] .
3. GIS Audit Framework Design Methodology
3.1. Stakeholders Perspective
The framework design is centered on different levels of GIS application areas within an enterprise setting. GIS users may have different views on GIS audit depending on the size or focus of the organization, hence necessitating their involvement as co-designers. For this reason, a questionnaire inform of a GIS audit checklist was prepared and shared with various GIS users in Kenya to ensure participation and ownership [53] . The questions were not structured but open-ended in which the participants were free to give their responses [54] . They gave views with regards to elements they would want audited with respect to the four categories of GIS audit parameters. These views were integrated into the reduction model with respect to the four meta-models: quality, functionality, GIS performance, monitoring & evaluation. They were filtered to form part of reduced audit elements. The choice of selected co-designers was informed by the level of uniqueness and size of their organizations, clustered into national government, county government, government land agency, private sector and private practitioner.
3.2. Design Architecture
Audit is a dynamic and complex activity comprising several inter-related activities [55] . A structured design is employed for each GIS audit parameter to capture aspects of planning, need assessment, audit execution, completion and reporting [56] . This helps in establishing overall audit strategy for engagement and development of an audit plan [57] . The main architecture of audit plan is presented in an audit process flow that outlines GIS audit requirements. The flow provides a sequence of processes that describes design components crucial for each GIS audit parameter. Each parameter is uniquely described by considering its associated parameters, key features and contribution to GIS.
3.3. Data Quality Audit
The design of data quality audit identifies data integrity constrains that detects and evaluate inconsistencies within a GIS database [58] . Topological, spatial and attribute consistencies are fundamental in defining GIS data integrity elements [59] . The roadmap to data quality audit is a well-defined data quality audit architecture as illustrated in Figure 2. The figure is a guide that organizes appropriate levels of data quality audit engagement. It demonstrates an audit process in which a GIS user starts by outlining the context of GIS application to determine required data, accuracy and suitable data verification tools [60] . Quality of both the existing and primary data should be evaluated to ensure fitness for the intended use [61] . A matrix is used to organize data quality audit priority levels. The matrix comprises rows that define Data Integrity Parameters (DIP) and columns that define Basic Audit Elements (BAE) vital for data quality audit process.
3.4. Software Utilization Audit
The methodology captures software utilization in relation to its features and functionality [62] . It takes into account software audit architecture that provides necessary steps for a GIS software audit as illustrated in Figure 3. The figure demonstrates a GIS software utilization audit based on the knowledge of GIS architecture in place. This provides an audit engagement that affirms right tools for the identified architecture. The architecture provides a software utilization matrix whose columns are designed to define major GIS functions (F1, F2…) within a GIS software ((S1, S2…). It is vital to determine a suitable software package for the preferred GIS architecture. This will help to analyze software impact in terms of usability, reliability and costs.
3.5. Personnel Competency Audit
The main architecture for GIS personnel competency is presented by a process flow as illustrated in Figure 4. It outlines critical GIS performance subjects that guide in assignment of appropriate staff who meet GIS application needs and desired output quality. The workflow comprises a matrix developed to measure performance expectation of each staff (Emp1, Emp2…) in relation to performance subjects outlined (Technical Knowledge and Skills-TKS, Experience gained from
Figure 2. Data quality audit architecture.
working within a GIS Environment-EG, Exposure to Equipment & Software-EES, Behavior Competencies-BC…). This assists in coming up with a competency plan with specific action for competency development strategies. Audit subjects are guided by a series of important considerations to ensure each subject matter is clear on performance indicators for an operational GIS with respect to customer satisfaction, quality of internal processes, personnel development and revenue growth.
3.6. Procedures Audit
GIS procedure guidelines are presented by an architecture that is designed to ensure a centralized GIS management process that targets operations, data, technology, operating procedures, legal issues, stability, growth and funding of GIS.
Figure 4. Personnel performance competency architecture.
Figure 5 defines major GIS monitoring and evaluation elements (M & E Elements) that determine whether the GIS setup is on its way to achieving its goals and objectives. These are characterized by GIS data and resources accountability, key GIS management subjects, GIS technological advancements and GIS operations.
4. GIS Audit Framework
The framework design outputs consist of design effort for each category of GIS audit parameter. Audit subjects are structured in a matrix whose columns comprise basic audit elements. The matrix is simple and the design is customizable,
flexible and open to meet future growth and opportunities. Core elements of audit matrix comprise audit goal, question, definition, methods, frequency and responsibility as illustrated in Table 2. Data quality, personnel competency and procedure parameters adopt these elements for their audit. However, software utilization parameter comprises two elements of audit matrix; functionality and percentage utilization score.
4.1. Data Quality
Data quality audit outputs are meant to enhance confidence in data integrity, compliance, availability, reliability, efficiency, effectiveness and confidentiality [63] . They are identified based on how well GIS dataset meet the criteria set for its product specification as provided by ISO 9113 geographic information quality principles [64] . The principles are based on completeness, logical consistency
and positional accuracy [65] . Similarly, [66] describes seven crucial information that characterizes quality to include availability, integrity, compliance, reliability, efficiency, effectiveness and confidentiality. With respect to these principles and characteristics, spatial data quality is grouped into two components: internal quality which corresponds to the extent of similarity between data produced and ideal data that should have been produced and external quality that corresponds to the level of conformance that exists between spatial data products and user’s needs within a given context [67] . In relation to these two components, data quality audit parameters are grouped into eight elements: accuracy, lineage, currency, completeness, consistency, coverage, adequacy & reliability. The resultant data quality design framework is presented in Table 3.
4.2. Software Utilization
Software utilization is centered on a GIS software that is able to capture, store, process, query, analyze and visualize GIS data [68] . However, sifting through available choices of GIS software tools/functionalities and setting them up for evaluation could be time consuming with considerable amount of trial and error [48] . With this consideration, the design has adopted audit criteria based on common GIS users’ requirements in relation to important elements of software utilization and operational processes [69] . These elements are related to mapping, spatial intelligence, external environment support and customization [38] . The mapping element takes into account a software that is able to collect data, perform edits and manipulations that suit broad GIS application needs [69] . Spatial intelligence focus on a software that generates accurate and useful information for various intelligence decisions [38] . External environment support is based on the consideration that a GIS software is capable of exporting and importing data from different data formats & schemas [70] . Software customization considers customer preferences which are not fixed within the built GIS tools [71] .
In reality, GIS users utilize a small fraction of functionalities built within a GIS software and some are not able to interrogate components needed, or not needed, to meet user requirements [48] . A GIS user needs to evaluate software utilization
Table 3. Data quality audit framework design.
to interrogate software functionalities in order to review and analyze percentage utilization within the GIS. Table 4 presents a software utilization matrix based on a design that provide a “yes” or “no” answer for each software to determine final percentage utilization.
4.3. Personnel Competency
Personnel competency audit design is founded on basic knowledge, skills and behavior required to perform their roles. The design provides a tabular model for major elements that entails auditing personnel competency within a GIS environment. It encompasses personnel competency associated with parameters in terms of technical knowledge and skills, experience gained from working within a GIS environment, exposure to GIS hardware and software, GIS software applications development, GIS quality Control and Quality Assurance, GIS governance and behavior competency. These are described in Table 5.
4.4. Procedures
The design is associated with various aspects that ensure proper procedures for monitoring and evaluation of a lasting GIS. Associated parameters are derived from a checklist of 7 elements which include GIS operations (strategies, implementation, processes, outputs & communication), Data (accurate & relevant data),
Table 4. Software utilization design.
Responsibility: GIS User (Evaluate & Analyze), GIS Manager (Report), Senior Management (Act).
Table 5. Personnel competency audit framework design.
Technology (Hardware & software), GIS data standards and operating procedures, Stability, Growth and Funding. Major outcome includes proper documentation and reporting that expedites tracking of GIS progress. This will provide room to measure accrued benefits from the developed GIS. They also act as a pointer to the GIS stakeholders on whether to retain or refresh GIS strategies where need be and also develop cases for GIS improvement and investments. These are described in Table 6.
5. Results and Discussion
5.1. Results
The GIS audit design framework presents the output obtained from analyzing each audit parameter. It provides a logical sequence of audit activities that should be performed within the specified audit structure. It has defined audit goals that describe what each audit element is intended to achieve. Based on these goals, the user may be guided on the appropriate parameter to use with respect to audit circumstances. A set of results that clarifies the role of each GIS audit parameter in monitoring and evaluating GIS is summarized in Appendix A1.
5.2. Discussion
The framework provides audit content with respect to GIS key areas and competences. It presents the flow of audit processes and tasks required to deliver GIS audit results. The design addresses the accountability of GIS in terms of development, implementation and sustainability. Data audit provides a structure that implements data quality as fitness for use [72] . It considers imperfections of spatial data which is mainly expressed in terms of position or topology [34] . However, the description of spatial data quality is broader than these two aspects [73] hence the design is fostered on an audit that gives room for assessment of other
Table 6. GIS procedures audit framework design.
components that constitutes GIS data quality. It is important to evaluate quality based on data information and the intended application/use to ensure compliance. GIS data is differentiated in terms of space, time, and theme [74] . The design includes each of these dimensions, aggregated into several components of data quality. Consideration is done to include accuracy, lineage, currency, coverage (adequacy & reliability), consistency, and completeness [73] .
Software utilization is centered on optimum utilization of a GIS software without compromising GIS processes and workflow efficiencies. GIS software and analytical tools are known to be of two general types; general-purpose geocomputation platforms such as ArcGIS and QGIS and specialized geo-computation tools Landserf [75] . However, exposure to GIS software for many GIS professionals is limited to ESRI and open-source software products [48] . These software have several analytical and GIS mapping tools in terms of their capabilities and functionalities [76] . It is important to evaluate software utilization based on GIS user’s application requirements [48] . The software is procedure-oriented and the GIS user needs to know the functionalities they need to perform specific tasks [75] . These are considered with respect to basic GIS users’ utilization and operational functionalities to include: Capture, conversion, transformation, querying, analysis, geoprocessing, interpolation, display, visualization, presentation, reporting, import, export, modeling, geodatabase creation & management, data exchange & sharing, plugins/extensions management, support for external remote connections, support for external OGC & web services, interoperability, customization and operation system requirements. This is done with the consideration that some GIS software is commercial and come with maintenance and licensing requirements.
Personnel competency design provides flexible measures of a GIS competency within a GIS environment. An effective GIS is dependent on quality, experience and training of its users. The design has taken into account appropriate GIS personnel with regard to their qualities and potential [77] . Necessary steps must be taken to ensure appropriate experience, training and continuous professional programs.
The success of audit results is dependent on six (6) major GIS stakeholders who play critical role in ensuring successful GIS audit as described in Table 7. These include Senior Management, GIS Manager, System engineer, Network engineer, GIS system administrator and GIS user. At the same time, client/consumer feedback provides opinions to enrich the audit. From the results, it is evident that a GIS manager has more responsibility for analyzing and reporting GIS audits as compared to other stakeholders. S/he is more integral to the audit and presents GIS knowledge application, skills and techniques needed to evaluate system needs and expectations [78] . GIS user is more dominant in data quality audit. In GIS practice, a GIS user actively participates in the processes of inclusion, change and manipulation of data [79] . For this reason, quality becomes a central issue to verify data correctness and consistency for the application at hand. GIS
Table 7. GIS audit major stakeholders.
system engineer, developer and programmer have equal roles. Their audit effort is concentrated on GIS competency and procedures that define required tasks to build or customize GIS application. System administrator and network administrator offer their contribution in parameters that support, troubleshoot and maintain GIS computers, servers and networks. The senior management features more in procedures that define the rationale through which audit results are effected for a successful GIS. Table 7 is a summation of stakeholder’s involvement based on their roles.
GIS procedures: A GIS operates based on a well-designed plan and business rules unique to each organization [47] . The parameters are designed to provide a strategy that determines the success of a GIS to avoid issues experienced during operation [80] . They align to workflows with respect to GIS strategic vision and alignments, implementation, communication, data creation, data modification, data dissemination, data accessibility, data update, data redundancy checks, GIS document management, GIS technology, hardware & network infrastructure, GIS standard operating procedures, GIS support & maintenance, GIS security, resources accountability, staff development programs and GIS funding.
6. Conclusion and Further Work
This paper has presented a GIS audit framework that allows GIS users to assess their GIS set-ups based on some identified GIS audit parameters. The design scope has been described to include different levels of GIS application areas within an enterprise. It also accommodates other levels of GIS development; department, project or society GIS. The design adopted a reductive model approach that constructs GIS audit guidelines and considerations from the identified parameters. Overall design strategy and audit process are indicated for each audit parameter. Major factors have been considered to ensure proper implementation, performance and sustainability of an effective GIS. GIS users are guided on how to approach GIS audit in terms of GIS data quality, GIS software technology, GIS competency and GIS procedures/operations. The framework inputs incorporate views received from selected GIS industry players on how and what they would consider as audit parameters. The framework provides a checklist of various aspects that need to be audited during GIS audit process. The implication is that, an auditor selects a particular aspect from the framework that the audit will focus on. It is available in an excel format to enable users create/develop checklists for various audit purposes and scopes. Further work will involve validating the framework through a mock testing process to ensure that the developed framework meets the needs and requirements of GIS stakeholders.
Appendix
Appendix A1: Summary of Results