Litcius/Paper detail

Cybersecurity Breaches and the Role of Information Technology Governance in Audit Committee Charters

Nancy K. Lankton, Jean Price, Mohammad A. Karim

2020Journal of Information Systems34 citationsDOI

Abstract

ABSTRACT Cybersecurity is a serious and growing risk for organizations. Firms with board of director involvement in information technology governance (ITG) may be better equipped to deal with this risk. Yet little is known about the audit committee's role in ITG. This study uses efficiency and institutional theories to investigate the influence of security breaches and board-level technology committees on disclosing ITG roles in the audit committee charter. We develop hypotheses and test them using a sample of 189 firms. Results show that firms with a technology committee and a data breach are more likely to disclose ITG roles in the audit committee charter. This suggests that firms experiencing a data breach realize their vulnerability and, by already having oversight at the board level, it is more natural for them to increase oversight by assigning ITG roles to the audit committee. We provide implications and areas for future research.

Topics & Concepts

Audit committeeAuditBusinessCorporate governanceCharterAccountingChief audit executiveVulnerability (computing)Sample (material)Test (biology)Data breachInformation technology auditInformation technologyInternal auditPublic relationsComputer securityJoint auditFinancePolitical scienceLawComputer scienceChromatographyBiologyPaleontologyChemistryInformation and Cyber SecurityCybercrime and Law Enforcement StudiesNetwork Security and Intrusion Detection
Cybersecurity Breaches and the Role of Information Technology Governance in Audit Committee Charters | Litcius