{"title":"关于公司治理和IT专业知识在解决网络安全漏洞中的作用的学术研究:对实践、政策和研究的启示","authors":"Carolin Hartmann, Jimmy Carmenate","doi":"10.2308/CIIA-2020-034","DOIUrl":null,"url":null,"abstract":"Frequent cyber-attacks on organizations in the last decade have caught the attention of practitioners and governance bodies, who have called for boards to take a more active role in managing and preventing future cyber risks. Governance surveys however, find that boards are not sufficiently prepared to address cyber security risks due to a lack of IT expertise. Firms have begun appointing technology experts, creating board level technology (IT) committees and delegating responsibilities to the audit committee as a means of managing cybersecurity risk. With the aim of understanding the current and future role of governance mechanisms in managing cybersecurity risks, this paper reviews the existing cybersecurity guidelines and regulations, and summarizes the empirical research related to corporate governance, security breaches, and IT expertise in overseeing cyber risks. Finally, we discuss implications for practice, policy and researchers.","PeriodicalId":44019,"journal":{"name":"Current Issues in Auditing","volume":" ","pages":""},"PeriodicalIF":0.8000,"publicationDate":"2021-04-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Academic Research on the Role of Corporate Governance and IT Expertise in Addressing Cybersecurity Breaches: Implications for Practice, Policy and Research\",\"authors\":\"Carolin Hartmann, Jimmy Carmenate\",\"doi\":\"10.2308/CIIA-2020-034\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Frequent cyber-attacks on organizations in the last decade have caught the attention of practitioners and governance bodies, who have called for boards to take a more active role in managing and preventing future cyber risks. Governance surveys however, find that boards are not sufficiently prepared to address cyber security risks due to a lack of IT expertise. Firms have begun appointing technology experts, creating board level technology (IT) committees and delegating responsibilities to the audit committee as a means of managing cybersecurity risk. With the aim of understanding the current and future role of governance mechanisms in managing cybersecurity risks, this paper reviews the existing cybersecurity guidelines and regulations, and summarizes the empirical research related to corporate governance, security breaches, and IT expertise in overseeing cyber risks. Finally, we discuss implications for practice, policy and researchers.\",\"PeriodicalId\":44019,\"journal\":{\"name\":\"Current Issues in Auditing\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":0.8000,\"publicationDate\":\"2021-04-21\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Current Issues in Auditing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2308/CIIA-2020-034\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"BUSINESS, FINANCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Current Issues in Auditing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2308/CIIA-2020-034","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"BUSINESS, FINANCE","Score":null,"Total":0}
Academic Research on the Role of Corporate Governance and IT Expertise in Addressing Cybersecurity Breaches: Implications for Practice, Policy and Research
Frequent cyber-attacks on organizations in the last decade have caught the attention of practitioners and governance bodies, who have called for boards to take a more active role in managing and preventing future cyber risks. Governance surveys however, find that boards are not sufficiently prepared to address cyber security risks due to a lack of IT expertise. Firms have begun appointing technology experts, creating board level technology (IT) committees and delegating responsibilities to the audit committee as a means of managing cybersecurity risk. With the aim of understanding the current and future role of governance mechanisms in managing cybersecurity risks, this paper reviews the existing cybersecurity guidelines and regulations, and summarizes the empirical research related to corporate governance, security breaches, and IT expertise in overseeing cyber risks. Finally, we discuss implications for practice, policy and researchers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
