{"title":"审计公司对网络安全风险的评估:来自审计费和美国证券交易委员会意见函的证据","authors":"P. Rosati, Fabian Gogolin, Theo Lynn","doi":"10.1142/s1094406019500136","DOIUrl":null,"url":null,"abstract":"This study investigates the impact of cyber-security incidents on audit fees. Using a sample of 5,687 firms, we find that (i) breached firms are charged 12% higher audit fees, and (ii) firms operating in the same industry of a breached firm are charged 5% higher fees. Finally, using a difference-in-difference regression on a propensity score matched sample, we provide evidence suggesting that auditors do not revise their audit risk assessment following a breach. Overall, these results suggest that the increase in audit fees in the year of a breach is only temporary, and that auditors include cyber-security risk in their audit risk assessment even before an incident occurs. Higher cyber-security risk is ultimately reflected in higher audit fees paid by auditees.","PeriodicalId":47122,"journal":{"name":"International Journal of Accounting","volume":" ","pages":""},"PeriodicalIF":2.0000,"publicationDate":"2019-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1142/s1094406019500136","citationCount":"19","resultStr":"{\"title\":\"Audit Firm Assessments of Cyber-Security Risk: Evidence from Audit Fees and SEC Comment Letters\",\"authors\":\"P. Rosati, Fabian Gogolin, Theo Lynn\",\"doi\":\"10.1142/s1094406019500136\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This study investigates the impact of cyber-security incidents on audit fees. Using a sample of 5,687 firms, we find that (i) breached firms are charged 12% higher audit fees, and (ii) firms operating in the same industry of a breached firm are charged 5% higher fees. Finally, using a difference-in-difference regression on a propensity score matched sample, we provide evidence suggesting that auditors do not revise their audit risk assessment following a breach. Overall, these results suggest that the increase in audit fees in the year of a breach is only temporary, and that auditors include cyber-security risk in their audit risk assessment even before an incident occurs. Higher cyber-security risk is ultimately reflected in higher audit fees paid by auditees.\",\"PeriodicalId\":47122,\"journal\":{\"name\":\"International Journal of Accounting\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2019-10-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1142/s1094406019500136\",\"citationCount\":\"19\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Accounting\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1142/s1094406019500136\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"BUSINESS, FINANCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Accounting","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1142/s1094406019500136","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"BUSINESS, FINANCE","Score":null,"Total":0}
Audit Firm Assessments of Cyber-Security Risk: Evidence from Audit Fees and SEC Comment Letters
This study investigates the impact of cyber-security incidents on audit fees. Using a sample of 5,687 firms, we find that (i) breached firms are charged 12% higher audit fees, and (ii) firms operating in the same industry of a breached firm are charged 5% higher fees. Finally, using a difference-in-difference regression on a propensity score matched sample, we provide evidence suggesting that auditors do not revise their audit risk assessment following a breach. Overall, these results suggest that the increase in audit fees in the year of a breach is only temporary, and that auditors include cyber-security risk in their audit risk assessment even before an incident occurs. Higher cyber-security risk is ultimately reflected in higher audit fees paid by auditees.
期刊介绍:
The aim of The International Journal of Accounting is to advance the academic and professional understanding of accounting theory, policies and practice from the international perspective and viewpoint. The Journal editorial recognizes that international accounting is influenced by a variety of forces, e.g., governmental, political and economic. Thus, the primary criterion for manuscript evaluation is the incremental contribution to international accounting literature and the forces that impact the field. The Journal aims at understanding the present and potential ability of accounting to aid in analyzing and interpreting international economic transactions and the economic consequences of such reporting. These transactions may be within a profit or non-profit environment. The Journal encourages a broad view of the origins and development of accounting with an emphasis on its functions in an increasingly interdependent global economy. The Journal also welcomes manuscripts that help explain current international accounting practices, with related theoretical justifications, and identify criticisms of current policies and practice. Other than occasional commissioned papers or special issues, all the manuscripts published in the Journal are selected by the editors after the normal double-blind refereeing process.