How Disclosing a Prior Cyberattack Influences the Efficacy of Cybersecurity Risk Management Reporting and Independent Assurance

2019, Vol 33 (3), pp. 183-200
Author(s): Michele L. Frank, Jonathan H. Grenier, Jonathan S. Pyzoha

ABSTRACT This paper provides evidence that the efficacy of voluntary cybersecurity risk management reporting and independent assurance, in terms of enhancing investment attractiveness, depends on whether a company has disclosed a prior cyberattack. Based on the voluntary disclosure literature, we predict and find that issuing the management component of the AICPA's cybersecurity reporting framework absent assurance is more effective when a company has not (versus has) disclosed a prior cyberattack, as nonprofessional investors are less likely to question the reliability of management's reporting. However, obtaining third party assurance of management's report provides a greater benefit for companies that have (versus have not) disclosed a prior cyberattack, as these companies benefit more from the reliability enhancement of assurance. Finally, we find it may be possible to enhance a company's investment attractiveness by issuing the independent assurance report by itself. Our results have implications for companies' cybersecurity risk management reporting and assurance decisions. Data Availability: Data are available upon request.

2012, Vol 26 (2), pp. 167-188
Author(s): Steve G. Sutton, Vicky Arnold, Jean C. Bedard, Jillian R. Phillips

ABSTRACT In 2008, the SEC issued a mandate requiring the use of interactive tagged data (i.e., eXtensible Business Reporting Language, or XBRL) for all public companies' filings of their annual financial statements. However, the SEC put the mandates in place only for the financial statements and accompanying notes. The SEC specifically excluded the use of interactive tagged data for most narrative aspects of annual reports, including Management's Discussion and Analysis (MD&A), deeming current taxonomies for interactive data tagging inadequate. This study leverages upon the efforts of the Enhanced Business Reporting Consortium (EBRC) to develop a more robust taxonomy for the MD&A. The EBRC effort consists of two parts: (1) expanding the scope of qualitative disclosures, and (2) integrating all of the interactive data tags used by companies during the voluntary disclosure period predating the SEC mandate into a comprehensive set of tags for existing MD&A disclosures. Of particular interest in this research is the first aspect of the EBRC effort—an analysis of professional and nonprofessional investors' perspectives on the value of proposed qualitative disclosures and areas in which such investors would desire additional disclosures. We conducted nine focus groups with professional and nonprofessional investors to elicit their information preferences, applying procedures consistent with the “information requirements definition” phase of systems design. Results show that participants are supportive of the EBRC's proposed 31 categories of qualitative disclosures, but also identify 15 additional categories as useful. We augment the focus groups with a survey of 286 investors to assess the relative value of the combined 46 categories. All 46 items appear to be desirable across investor participants. 
The results have implications for ongoing efforts to expand taxonomies for qualitative data disclosure and for standard-setters considering extensions to MD&A reporting requirements. Data Availability: Contact the corresponding author.


2011, Vol 24 (1), pp. 25-46
Author(s): Wendy J. Bailey, Kimberly M. Sawers

ABSTRACT In this study, we investigate whether and how trust in our current, more rules-based financial reporting system and type of accounting standard affects nonprofessional investor decision making. In an experiment, 151 nonprofessional investors analyzed two companies that were economically identical except for a single underlying financial reporting difference that allowed one company to more positively report its financial results. By itself, the type of standard (rules-based, principles-based) did not affect investment choices or allocation decisions. However, when trust was considered, nonprofessional investors who are less trusting of our current financial reporting system chose to invest in a company with more positive financial results only when evaluating principles-based financial statements. Conversely, the type of standard did not affect investor decision making for nonprofessional investors who trust our current financial reporting system. These results have implications for standard setters as we move to a more principles-based accounting system. Data Availability: Available on request.


2018, Vol 94 (3), pp. 1-26
Author(s): Dichu Bao, Yongtae Kim, G. Mujtaba Mian, Lixin (Nancy) Su

ABSTRACT Prior studies provide conflicting evidence as to whether managers have a general tendency to disclose or withhold bad news. A key challenge for this literature is that researchers cannot observe the negative private information that managers possess. We tackle this challenge by constructing a proxy for managers' private bad news (residual short interest) and then perform a series of tests to validate this proxy. Using management earnings guidance and 8-K filings as measures of voluntary disclosure, we find a negative relation between bad-news disclosure and residual short interest, suggesting that managers withhold bad news in general. This tendency is tempered when firms are exposed to higher litigation risk, and it is strengthened when managers have greater incentives to support the stock price. Based on a novel approach to identifying the presence of bad news, our study adds to the debate on whether managers tend to withhold or release bad news. Data Availability: Data used in this study are available from public sources identified in the study.


2021, Vol 13 (12), pp. 6538
Author(s): Fco. Javier García-Gómez, Víctor Fco. Rosales-Prieto, Alberto Sánchez-Lite, José Luis Fuentes-Bargues, Cristina González-Gaya

Asset management, as a global process through which value is added to a company, is a managerial model that involves major changes in strategies, technologies, and resources; risk management; and a change in the attitude of the people involved. The growing commitment of companies to sustainability results in them applying this approach to all their activities. For this reason, it is relevant to develop sustainability risk assessment procedures in industrial assets. This paper presents a methodological framework for the inclusion of sustainability aspects in the risk management of industrial assets. This approach presents a procedure to provide general criteria, methodology, and essential mandatory requirements to be adopted for the identification, analysis, and evaluation of sustainability aspects, impacts, and risks related to assets owned and managed by an industrial company. The proposed procedure is based on ISO 55000 and ISO 31000 standards and was developed following three steps: a preliminary study, identification of sustainability aspects and sustainability risks/opportunities, and impact assessment and residual risks management. Our results could serve as a model that facilitates the improvement of sustainability analysis risks in industrial assets and could be used as a basis for future developments in the application of the standards to optimize management of these assets.


Author(s): Abu Hanifa Md. Noman, Md. Amzad Hossain, Sajeda Pervin

Objective - The study aims to investigate credit risk management practices and credit risk management strategies of the local private commercial banks in Bangladesh. Methodology - The investigation is conducted based on primary data collected from a set of both closed-end and open-end questionnaires from 23 out of 39 local private commercial banks in Bangladesh. Descriptive statistics have been used in processing the data and interpreting the results. Findings - The results reveal that the credit risk management practice of the sample banks is sound, which is attributed to the appropriate implementation of Basel II and the credit risk management guidelines of the country's central bank. The findings further show that the use of credit risk grading is the most popular and effective criterion for measuring the borrowing capacity of the borrowers. In order to control credit risk and prevent losses from credit exposure, banks give more focus to collateralization, accurate loan pricing and third-party guarantees. Loans are monitored properly and a credit reminder is given to the client if principal and interest remain outstanding for three months. The study further reveals that a lack of experienced and trained credit officers, a lack of genuine market information and a lack of awareness regarding non-genuine borrowers are the most important problems of current credit risk management practices in Bangladesh. Novelty - To the best of the knowledge of the authors, the study is the first that investigates credit risk management strategies of private commercial banks, especially in Bangladesh. Type of Paper - Empirical. Keywords: Bangladesh; Commercial Bank; Credit risk; Credit risk management; Credit risk management strategies.


2018
Author(s): Azrul Bin Abdullah, Ku Nor Izah Ku Ismail

This study examines the extent of information about hedging activities disclosures within the annual reports of Main Market companies listed on Bursa Malaysia. The extent of hedging activities disclosures is captured through a 32-item template, which consists of mandatory and voluntary disclosure scores. The results of this study indicate that the extent of information on hedging activities disclosure is still insufficient among the sampled companies even though the disclosure score is quite high. This study also examines the relationship between the existence of a risk management committee (RMC), its characteristics and the extent of information on hedging activities disclosure in two separate statistical models. The regression results imply that the existence of an RMC is positive but does not significantly influence the extent of information on hedging activities disclosure. However, its characteristics (i.e. RMC independence and RMC meeting) have a significant influence. The findings may provide some meaningful insights to regulators, policymakers and researchers, towards the establishment of RMC as a part of the internal corporate governance mechanisms. In addition to its existence, the effectiveness of RMC also needs to be emphasised.

