Download now Free registration required
The information systems literature and the public press has called for organizations to more closely scrutinize their information technology (IT) security controls; however, little more than anecdotal evidence exists on the business value of IT security investments, beyond regulatory compliance. Drawing on the strategy and accounting literature, the author (a) advance a strategic liability perspective to the question of information systems security value; and (b) use the unique setting provided by the enactment of the Sarbanes-Oxley Act of 2002 (SOX) to investigates the relationship between IT security controls quality and both accounting earnings (a contemporaneous measure of firm performance) and market value (a forward looking measure of firm performance).
- Format: PDF
- Size: 226.4 KB