网络安全保障服务类型和网络安全事件对投资者认知和决策的影响

IF 2.7 3区管理学 Q2 BUSINESS, FINANCE

Auditing-A Journal of Practice & Theory Pub Date : 2023-10-01 DOI:10.2308/ajpt-19-022

Rebecca R. Perols

{"title":"网络安全保障服务类型和网络安全事件对投资者认知和决策的影响","authors":"Rebecca R. Perols","doi":"10.2308/ajpt-19-022","DOIUrl":null,"url":null,"abstract":"SUMMARY Regulators, investors, and boards of directors are increasingly demanding information about organizations’ cybersecurity risk management. I examine the effect of the AICPA’s voluntary cybersecurity examination service on investor perceptions and decisions. Similar to a previous AICPA IT-related assurance service called WebTrust that failed in the marketplace, cybersecurity examinations face competition from less comprehensive and less costly assurance services in a nonstandardized assurance market, and it is unclear whether investors will recognize the value provided by the more comprehensive assurance service. I find that investors are more willing to invest when management disclosures describe a cybersecurity examination compared with a less comprehensive assurance service but only if the assurance is in response to a cybersecurity incident. I also find that this effect is mediated by investor perceptions of assurance quality. I, however, do not find support for these same effects when the assurance is disclosed in the absence of an incident.","PeriodicalId":48142,"journal":{"name":"Auditing-A Journal of Practice & Theory","volume":"38 1","pages":"0"},"PeriodicalIF":2.7000,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"The Impact of the Type of Cybersecurity Assurance Service and Cybersecurity Incidents on Investor Perceptions and Decisions\",\"authors\":\"Rebecca R. Perols\",\"doi\":\"10.2308/ajpt-19-022\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"SUMMARY Regulators, investors, and boards of directors are increasingly demanding information about organizations’ cybersecurity risk management. I examine the effect of the AICPA’s voluntary cybersecurity examination service on investor perceptions and decisions. Similar to a previous AICPA IT-related assurance service called WebTrust that failed in the marketplace, cybersecurity examinations face competition from less comprehensive and less costly assurance services in a nonstandardized assurance market, and it is unclear whether investors will recognize the value provided by the more comprehensive assurance service. I find that investors are more willing to invest when management disclosures describe a cybersecurity examination compared with a less comprehensive assurance service but only if the assurance is in response to a cybersecurity incident. I also find that this effect is mediated by investor perceptions of assurance quality. I, however, do not find support for these same effects when the assurance is disclosed in the absence of an incident.\",\"PeriodicalId\":48142,\"journal\":{\"name\":\"Auditing-A Journal of Practice & Theory\",\"volume\":\"38 1\",\"pages\":\"0\"},\"PeriodicalIF\":2.7000,\"publicationDate\":\"2023-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Auditing-A Journal of Practice & Theory\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2308/ajpt-19-022\",\"RegionNum\":3,\"RegionCategory\":\"管理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"BUSINESS, FINANCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Auditing-A Journal of Practice & Theory","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2308/ajpt-19-022","RegionNum":3,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"BUSINESS, FINANCE","Score":null,"Total":0}

引用次数: 0

摘要

监管机构、投资者和董事会对企业网络安全风险管理的要求越来越高。我检查了美国注册会计师协会的自愿网络安全审查服务对投资者的看法和决策的影响。与之前美国注册会计师协会(AICPA)在市场上失败的一项名为WebTrust的与it相关的保证服务类似，在非标准化的保证市场上，网络安全考试面临着不太全面、成本更低的保证服务的竞争，目前尚不清楚投资者是否会认识到更全面的保证服务所提供的价值。我发现，与不太全面的保证服务相比，当管理层披露描述了网络安全检查时，投资者更愿意投资，但前提是保证是针对网络安全事件的。我还发现，这种影响是由投资者对担保质量的看法介导的。然而，如果在没有发生事故的情况下披露这种保证，我找不到同样的证据。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

The Impact of the Type of Cybersecurity Assurance Service and Cybersecurity Incidents on Investor Perceptions and Decisions

SUMMARY Regulators, investors, and boards of directors are increasingly demanding information about organizations’ cybersecurity risk management. I examine the effect of the AICPA’s voluntary cybersecurity examination service on investor perceptions and decisions. Similar to a previous AICPA IT-related assurance service called WebTrust that failed in the marketplace, cybersecurity examinations face competition from less comprehensive and less costly assurance services in a nonstandardized assurance market, and it is unclear whether investors will recognize the value provided by the more comprehensive assurance service. I find that investors are more willing to invest when management disclosures describe a cybersecurity examination compared with a less comprehensive assurance service but only if the assurance is in response to a cybersecurity incident. I also find that this effect is mediated by investor perceptions of assurance quality. I, however, do not find support for these same effects when the assurance is disclosed in the absence of an incident.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Auditing-A Journal of Practice & Theory BUSINESS, FINANCE-

CiteScore

4.30

自引率

10.70%

发文量

期刊介绍： AUDITING contains technical articles as well as news and reports on current activities of the association.