Advances in information technology have greatly changed communications and business
transactions between firms and their customers and suppliers. As a result, cybersecurity risk …

The internal audit function (IAF) assists management in improving internal controls over
operations, reporting, and compliance. While many studies examine the association …

Despite the growing interest in research on the topic of internal control, there is confusion
about the concept in both theory and practice. This study addresses this lack of clarity by …

We investigate whether ineffective internal control over financial reporting has implications
for firm operations by examining the association between inventory-related material …

We examine whether information technology expertise on audit committees impacts the
reliability and timeliness of financial reporting. We find a reduction in the likelihood of …

This paper presents an empirical study of changes that firms implement in their board-level
IT governance (ITG) upon experiencing operational IT failures. Consistent with the …

Use of information technology (IT) could be used to achieve effective financial reporting,
which has played a crucial role in the organization's performance. This element requires the …

Cybersecurity risk disclosure has received great attention in the past several years,
especially after the passage of the Securities and Exchange Commission's (SEC's) …

In this paper, we examine the consequences of data breaches for a breached company. We
find the economic consequences are, on average, very small for breached companies. On …

Economic theory suggests that negative peer events can result in market-wide spillovers that
help unaffected firms take real actions to enhance corporate governance. Motivated by the …