How IT Awareness Impacts IT Control Weaknesses and Firm Performance

With the prevalence of information technology (IT), the value of IT awareness increasingly grows, and IT control becomes a key part of firms’ strategies and objectives. Although leadership plays an important role in IT control governance, limited research has studied whether IT awareness is associated with IT control weaknesses (ITCWs) and firm performance simultaneously. Drawing on the agency and resource dependence theory, this paper proposes an integrative model to examine the impact of IT awareness on ITCWs and firm performance. We empirically validate the model using a data set of 310 firms collected from multiple sources including Audit Analytics, Compustat, 10-K filings, and proxy statement. The findings indicate that firms with higher IT awareness are less likely to have ITCWs, and lead to improved firm performance. This paper contributes to information systems (IS) literature by investigating the IT experience and knowledge of the board of directors on both ITCWs and firm performance. This study also provides important practical implications for IT management practices

Environmental modelling of the Chief Information Officer

Since the introduction of the term in the 1980’s, the role of the Chief Information Officer (CIO) has been widely researched. Various perceptions and dimensions of the role have been explored and debated. However, the explosion in data proliferation (and the inevitable resulting information fuelled change) further complicates organisational expectations of the CIOs role. If organisations are to competitively exploit the digital trend, then those charged with recruiting and developing CIOs now need to be more effective in determining (and shaping) CIO traits and attributes, within the context of their own organisational circumstances and in line with stakeholder expectations. CIOs also need to determine their own suitability and progression within their chosen organisation if they are to remain motivated and effective. Before modelling the role of the future CIO, it is necessary to synthesise our current knowledge (and the lessons learnt) about the CIO. This paper, therefore, aims to identify and summate the spectrum of key researched ‘themes’ pertaining to the role of the CIO. Summating previous research, themes are modelled around four key CIO ‘dimensions’, namely (1) Impacting factors, (2) Controlling factors (3) Responses and (4) CIO ‘attributes’. Having modelled the CIOs current environment, and recognising the evolving IT enabled information landscape, the authors call for further research to inform the recruitment and development of the future CIO in terms of personal attributes and the measurable impact such attributes will have on their respective organisation

Boards of Directors and Technology Governance: The Surprising State of the Practice

Companies spend anywhere from 1 percent to 10 percent of their gross revenues on information technology; some financial services companies actually spend much more. For a company with revenue in the $5 billion range, this could mean an annual technology expenditure of$500 million. Do boards of directors “govern” technology investments? Are they involved in major technology decisions? What role should they have in the acquisition, deployment and support of technology? The analysis reported in this document is based on a survey and follow-up interviews to more than 50 senior business technology executives. The findings reported benchmark the state of the practice—and suggest how companies can improve business technology governance. The prescriptive literature suggests that it is time for boards to assume meaningful oversight of technology investments and strategies. The data we collected (and the interviews that we conducted) support the descriptive literature: there is relatively little board involvement in technology planning or oversight. The overall conclusion is that boards of directors do not participate nearly enough in major technology decisions, are surprisingly out of the technology loop on technology issues, and are therefore missing opportunities to optimize operational and strategic technology investments. The paper ends with recommendations about the role that boards of directors should play in technology decision-making

Identifying Data Breaches Timely: Boards’ Technology Committee Matters

This study investigates the effect of having a board-level technology committee on the time it takes for firms to identify a data breach. Data breach is one of the most important risks firms face. Boards of directors play a key role in overseeing these risks. The technology committee is an important means through which boards play this role. We present preliminary results using a sample of public firms that experienced data breaches between 2010 and 2021. Our results show that firms with technology committees can identify data breaches more quickly than those without. We also outline our future research agenda to address potential endogeneity issues and explore the underlying mechanisms. This study will contribute to the cybersecurity and corporate governance literature by demonstrating the effect of technology committees on firms’ ability to identify data breaches

Do heavily-unionized companies compensate their CEOs less in periods of financial distress? Evidence from Canadian companies during the financial crisis.

This paper studies the strategic interaction between employee stakeholders, in particular labor unions, and top management, and evaluates the effect of the two parties’ inherent competitive rent-seeking behavior on CEO pay. Using a panel of firms listed on the S&P/TSX composite index, this paper finds that CEO compensation withstood the financial crisis despite lower and even negative corporate performance. Further, heavily-unionized companies were associated with higher CEO pay in terms of non-equity elements such as salary and pension allocations. The presence of unions had no observed effect in reducing bonuses, stock options, and restricted stock units. These findings have implications for the debate on income inequality, and the power of unions to bring about change

CIO Turnover and Subsequent Remediation of Information Technology Material Weaknesses

Extending the line of prior research on information technology material weaknesses (ITMWs) in internal controls, our study examines whether chief information officer (CIO) turnover is affected by the disclosure of ITMW and whether CIO turnover will affect subsequent remediation of ITMW. We find that ITMW disclosure exerts a negative influence on CIO turnover, which adds to prior findings on the effects of ICMW disclosure leading to chief executive officer (CEO) turnover and chief financial officer (CFO) turnover. Further, we find that CIO turnover exerts a positive influence on subsequent ITMW remediation. It indicates that CIO dismissals and replacements do promote the success of subsequent ITMW remediation

Too Busy to Monitor? Board Busyness and the Occurrence of Reported Information Security Incidents

This paper investigates the association between board busyness (i.e., directors with multiple positions) and the occurrence of reported information security incidents. Building on prior studies of board busyness, this paper argues that directors holding multiple board seats may fail to commit the time and effort necessary to ensure the appropriate information security strategy or investment plans are in place. Our results demonstrate that board busyness is positively associated with reported information security incidents. This effect is larger when independent directors are busy, thus suggesting the importance of the governance role played by independent directors in managing information security risks. The board of directors’ role has been emphasized in anecdotal evidence and IT governance frameworks, but our study empirically demonstrates the board’s relevance in information security strategy and management

Tech-Savvy on Board: Investigating the Impact of Board of Directors’ IT Professional Experiences on Firms’ IT Investment and Performance

Our study investigates whether having directors with IT professional experiences on board impacts a firm’s IT investment growth and financial performance. We gather data from BoardEx, Compustat, and Harte-Hanks databases for S&P 1500 firms between 2011 and 2017. We include a rich set of controls and fixed effects in the analysis. We also employ a novel strategy to adjust for the remaining selection on unobservables. Our analysis shows that firms with tech-savvy directors have higher investment growth in different categories of IT including software, hardware, communication, and services. We also find these firms experience better performance measured by Tobin’s Q. The findings highlight the importance of board of directors in driving IT investment growth and firm performance

The Puzzle of Brandeis, Privacy, and Speech

The Right to Privacy\u27 and his dissent in Olmstead v. United States. In The Right to Privacy, Brandeis and Samuel Warren argued that intrusion into and public disclosure of private affairs by the press was deeply hurtful, and that the common law should be read to recognize a tort remedy for such violations. Their short article is considered by scholars to have established not just the privacy torts but the field of privacy law itself. Brandeis is also famous (though less so) for his Olmstead dissent-a document which introduced modern concepts of privacy into constitutional law, and ultimately led not only to the reasonable expectation of privacy test that governs Fourth Amendment law,4 but also shaped the constitutional right to privacy recognized in Griswold v. Connecticut5 and Roe v. Wade. While sounding good in theory, the right to privacy has proven hard to apply in practice. From its earliest recognition by the common law, and particularly since the 1960s, tort privacy has conflicted with First Amendment rights of free speech and press. Over the years, the conflict between privacy and speech has generated a substantial literature. Important litigation has also examined the constitutionality of privacy rights under the First Amendment, with the First Amendment usually prevailing. An important theme running throughout these cases and commentary is that privacy and speech are in irreconcilable conflict. The assumed conflict between privacy and speech reveals a puzzle. In addition to establishing the modern legal conception of privacy, Brandeis is also a central figure in the genesis of First Amendment law. In a series of separate opinions in free speech cases from 1919-1925, Justice Brandeis articulated a more robust notion of the First Amendment that has subsequently become the dominant one in American constitutional law.\u270 Brandeis\u27s most important contribution to this tradition is his opinion in Whitney v. California, which Vincent Blasi has called arguably the most important essay ever written, on or off the bench, on the meaning of the First Amendment