Management Information Systems Commons^™

Investigating The Impact Of Publicly Announced Information Security Breaches On Corporate Risk Factor Disclosure Tendencies, Sandra J. Cereola, Joanna Dynowska

Journal of Cybersecurity Education, Research and Practice

As the reported number of data breaches increase and senators push for more disclosure regulation, the SEC staff issued a guidance in 2011 on disclosure obligations relating to cybersecurity risks and incidents. More recently, on February 26, 2018 the SEC Commission issued interpretive guidance to help assist public companies prepare disclosures regarding cybersecurity risks and incidents. As reported incidents of cybersecurity breaches occur, investors are concerned about the risks associated with these incidents and the impact they may have on financial performance. Although the SEC staff guidance warns public companies to make timely disclosure, recognizing the threat that cybercrime poses …

Investigating Information Security Policy Characteristics: Do Quality, Enforcement And Compliance Reduce Organizational Fraud?, Dennis T. Brown

KSU Proceedings on Cybersecurity Education, Research and Practice

Occupational fraud, the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the organization’s resources or assets, is a growing concern for all organizations. While the typical organization loses at least 5% of annual revenues to fraud, current methods of detection and prevention are not fully adequate to reduce increasing occurrences. Although information systems are making life easier, they are increasingly being used to perpetrate fraudulent activities, and internal employee security threat is responsible for more information compromise than external threats.

The purpose of this research is to examine how information security policy quality and …

Decision Support Systems For Strategic Dispute Resolution, Anurag Agarwal, Sridhar Ramamoorti, Vaidyanathan Jayaraman

Faculty and Research Publications

Disputes and lawsuits are quite common in business and are often a source of significant liabilities. We conjecture that measurement challenges and lack of adequate analysis tools have greatly inhibited the ability of the General Counsel's offices in selecting the best mode for the resolution (i.e. litigation vs. out-of-court settlement) of business conflicts and disputes. Easily quantified direct costs (e.g., out-of-pocket expenses related to pursuing and defending against litigation) tend to be considered, whereas the more difficult-to-quantify indirect risks and costs (e.g., damaged relationships with customers and potential alliance partners, including reputational harm) which may be quite significant, tend to …

End-User Computing Applications, Mary C. Hill, W. Alan Barnes

Faculty and Research Publications

Businesses today rely on the work being done by staff using personal computers. The proliferation of personal computers has led to widespread implementation of end-user computing applications. As their name implies, end-user applications are designed, implemented, and controlled by users rather than by IT professionals. End-user applications can be risky for organizations, both with respect to management decision making and to financial reporting. For public companies, the risk involved in these applications has been increased by the requirements of the Sarbanes-Oxley Act of 2002, which call for management to document end-to-end financial operations and internal control structures. This article review …

Analysis Of Xbrl Literature: A Decade Of Progress And Puzzle, Saeed Roohani, Zhao Xianming, Ernest Capozzoli, Barbara Lamberton

Faculty and Research Publications

XBRL (eXtensible Business Reporting language) was recently, in 2008, in its 10th year. The concept was articulated in 1998 by Charles Hoffman, known as XFRML (eXtensible Financial Reporting Mark Up Language) to facilitate the business reporting process and improve financial reporting. The objective of this paper is to examine a decade (1998-2008) of XBRL articles published in various publications including trade, practitioner and academic journals to identify trends and patterns, milestones, and organizations actively contributed to this development. Another goal is to assess public perceptions of XBRL, its capabilities and its future. We examined published articles where XBRL appeared either …