Information technology governance and cybersecurity at the board level

2020, Vol 16 (2), pp. 150
Author(s): Abdalmuttaleb M.A. Musleh Al Sartawi

2017, Vol 32 (1), pp. 109-129
Author(s): Jean B. Price, Nancy Lankton

ABSTRACT IT governance is important to the success of most business enterprises. One form of IT governance is the use of board-level IT committees. This study examines committee charters, which are the basic foundation for an effective committee. Based on prior literature and theory, we develop a framework and six propositions for assessing IT committee charter components including committee characteristics, member characteristics, and roles and responsibilities. We test the propositions by exploring the IT committee charters and information from other sources for 23 Fortune 500 companies. We find that most IT committees have more members and meet more often than required by the charter. All but one committee has at least one member with IT expertise as defined in our study. Also, most roles and responsibilities are focused on the five IT governance focus areas prescribed by the Information Technology Governance Institute. However, the roles are not consistently specified in all charters. Suggestions for future research and guidelines for practice are provided.


2020, pp. 0000-0000
Author(s): Nancy Lankton, Jean B. Price, Mohammad Karim

Cybersecurity is a serious and growing risk for organizations. Firms with board of director involvement in information technology governance (ITG) may be better equipped to deal with this risk. Yet little is known about the audit committee's role in ITG. This study uses efficiency and institutional theories to investigate the influence of security breaches and board-level technology committees on disclosing ITG roles in the audit committee charter. We develop hypotheses and test them using a sample of 189 firms. Results show that firms with a technology committee and a data breach are more likely to disclose ITG roles in the audit committee charter. This suggests that firms experiencing a data breach realize their vulnerability and by already having oversight at the board level, it is more natural for them to increase oversight by assigning ITG roles to the audit committee. We provide implications and areas for future research.


2016, Vol 30 (3), pp. 79-98
Author(s): Julia L. Higgs, Robert E. Pinsker, Thomas J. Smith, George R. Young

ABSTRACT After several high-profile data security breaches (e.g., Target Corporation, Michaels Stores, Inc., The Home Depot), corporate boards are prioritizing the oversight of Information Technology (IT) risk. Firms are also increasingly faced with disclosure decisions regarding IT security breaches. This study proposes that firms can use the creation of a board-level technology committee as part of the firm's information technology governance (ITG) to signal the firm's ability to detect and respond to security breaches. Using reported security breaches during the time period 2005–2014, results indicate that firms with technology committees are more likely to have reported breaches in a given year than are firms without the committee. Further analysis suggests that this positive association is driven by relatively young technology committees and external source breaches. Specifically, as a technology committee becomes more established, its firm is not as likely to be breached. To obtain further evidence on the perceived value of a technology committee, this study uses a returns analysis and finds that the presence of a technology committee mitigates the negative abnormal stock returns arising from external breaches. Findings add to the evolving ITG literature, as well as to the signaling theory and disclosure literatures.


Author(s): I Ketut Adi Purnawan

Implementation of Information Technology (IT) in an organization requires significant costs with a high risk of failure [3]. Managing data is a matter that must be done continuously by the organization, accompanied by monitoring and measurement of what has been achieved, so as to meet the aspects of integrity and availability. This study uses COBIT as a framework in preparing the guidelines for information technology governance at PT. X on DS11, which focuses on management of data, with respect to the level of management concern (management awareness) and the maturity level. The study and analysis indicate that the level of management concern (management awareness) at PT. X is already at a fair level, that the current maturity level (as is) is at level 3 (defined process), and that the expected maturity level is at level 5 (optimized). Overall, the study results show that PT. X has recognized that data is an important organizational asset.

