Cybersecurity Breaches and Information Technology Governance Roles in Audit Committee Charters

2020 ◽  
pp. 0000-0000
Author(s):  
Nancy Lankton ◽  
Jean B. Price ◽  
Mohammad Karim
Keyword(s):  
Information Technology ◽  
Audit Committee ◽  
Future Research ◽  
Data Breach ◽  
Security Breaches ◽  
Technology Governance ◽  
Board Of Director ◽  
Information Technology Governance ◽  
Governance Roles ◽  
Board Level

Cybersecurity is a serious and growing risk for organizations. Firms with board of director involvement in information technology governance (ITG) may be better equipped to deal with this risk. Yet little is known about the audit committee's role in ITG. This study uses efficiency and institutional theories to investigate the influence of security breaches and boardlevel technology committees on disclosing ITG roles in the audit committee charter. We develop hypotheses and test them using a sample of 189 firms. Results show that firms with a technology committee and a data breach are more likely to disclose ITG roles in the audit committee charter. This suggests that firms experiencing a data breach realize their vulnerability and by already having oversight at the board level, it is more natural for them to increase oversight by assigning ITG roles to the audit committee. We provide implications and areas for future research.

A Framework and Guidelines for Assessing and Developing Board-Level Information Technology Committee Charters

2017 ◽  
Vol 32 (1) ◽  
pp. 109-129
Author(s):  
Jean B. Price ◽  
Nancy Lankton
Keyword(s):  
Information Technology ◽  
It Governance ◽  
Future Research ◽  
Roles And Responsibilities ◽  
Technology Governance ◽  
Fortune 500 Companies ◽  
Information Technology Governance ◽  
Level Information ◽  
Prior Literature ◽  
Board Level

ABSTRACT IT governance is important to the success of most business enterprises. One form of IT governance is the use of board-level IT committees. This study examines committee charters, which are the basic foundation for an effective committee. Based on prior literature and theory, we develop a framework and six propositions for assessing IT committee charter components including committee characteristics, member characteristics, and roles and responsibilities. We test the propositions by exploring the IT committee charters and information from other sources for 23 Fortune 500 companies. We find that most IT committees have more members and meet more often than required by the charter. All but one committee has at least one member with IT expertise as defined in our study. Also, most roles and responsibilities are focused on the five IT governance focus areas prescribed by the Information Technology Governance Institute. However, the roles are not consistently specified in all charters. Suggestions for future research and guidelines for practice are provided.

The Relationship between Board-Level Technology Committees and Reported Security Breaches

2016 ◽  
Vol 30 (3) ◽  
pp. 79-98 ◽  
Author(s):  
Julia L. Higgs ◽  
Robert E. Pinsker ◽  
Thomas J. Smith ◽  
George R. Young
Keyword(s):  
Information Technology ◽  
Stock Returns ◽  
Positive Association ◽  
External Source ◽  
Corporate Boards ◽  
Security Breaches ◽  
Technology Governance ◽  
Information Technology Governance ◽  
Abnormal Stock Returns ◽  
Board Level

ABSTRACT After several high-profile data security breaches (e.g., Target Corporation, Michaels Stores, Inc., The Home Depot), corporate boards are prioritizing the oversight of Information Technology (IT) risk. Firms are also increasingly faced with disclosure decisions regarding IT security breaches. This study proposes that firms can use the creation of a board-level technology committee as part of the firm's information technology governance (ITG) to signal the firm's ability to detect and respond to security breaches. Using reported security breaches during the time period 2005–2014, results indicate that firms with technology committees are more likely to have reported breaches in a given year than are firms without the committee. Further analysis suggests that this positive association is driven by relatively young technology committees and external source breaches. Specifically, as a technology committee becomes more established, its firm is not as likely to be breached. To obtain further evidence on the perceived value of a technology committee, this study uses a returns analysis and finds that the presence of a technology committee mitigates the negative abnormal stock returns arising from external breaches. Findings add to the evolving ITG literature, as well to the signaling theory and disclosure literatures.

scholarly journals The Effect of Information Technology Governance and Enterprise Risk Management on the Performance of State-Owned Enterprises in Non-Public Financial Fields Moderated by Corporate Governance

2020 ◽  
Vol 2 (4) ◽  
pp. 446-466
Author(s):  
Mochamad Muslih ◽  
Iis Sugianti ◽  
Daulat Freddy Simanjuntak ◽  
Dedi Rianto Rahadi
Keyword(s):  
Information Technology ◽  
Risk Management ◽  
Corporate Governance ◽  
Firm Performance ◽  
Audit Committee ◽  
Information Technology Management ◽  
Technology Governance ◽  
Information Technology Governance ◽  
Analysis Technique ◽  
Enterprise Risk

The use of information technology is a necessity and a challenge in this 4th-millennium era. Companies that do not want to use technology that suits their needs will be left behind. The Indonesian government has also required the use of appropriate information technology. The purpose of this study is to evaluate the implementation of the Ministry of SOE Regulation No.  Per 02 / MBU / 2013 concerning guidelines for the preparation of information technology management of State-Owned Enterprises (SOE) in the field of non-public finance and the implementation of risk management to SOEs that are moderated by corporate governance. The population in this study is State-Owned Enterprises (SOE) in the financial sector. The research sample of 17 SOEs was sampled with the purposive sampling method. The analysis technique used is multiple linear regression. The results showed that IT Governance does not affect firm performance. ERM significantly influences firm performance. Corporate governance that is proxied by the number of audit committee meetings does not moderate IT governance's influence on firm performance and does not mild ERM's effect on firm performance.

scholarly journals Determinants Effectiveness of Information Technology Governance and IT Performance in Higher Education Institution (HEI): A Conceptual Framework

2021 ◽  
Vol 2 (1) ◽  
pp. 36-47
Author(s):  
Anwar Fattah ◽  
Hoga Saragih ◽  
Resad Setyadi
Keyword(s):  
Higher Education ◽  
Information Technology ◽  
Literature Review ◽  
Conceptual Framework ◽  
Education Institution ◽  
Future Research ◽  
Higher Education Institution ◽  
Technology Governance ◽  
Information Technology Governance ◽  
It Performance

  The purpose of this article is to build a conceptual framework based on literature review that will be tested in future research related to Information Technology Governance (ITG). The results of the literature review allow for the construction of hypotheses into a conceptual framework. Furthermore, the study identifies mechanism that contribute to effectiveness IT governance based on past literatures, on this domain assesses mechanism ITG the influence between information technology performance and  effectiveness Information technology governance .The conceptual framework will be tested among higher Education Institution (HEI) users for future research in Indonesia..

Sign in / Sign up

Export Citation Format

Share Document