A Viable Approach for Measuring the Risk-Return Relationship of IT Investments

The importance of managing the risk-return balance of information technology (IT) investments has become clearer than ever. Yet, quantitative assessment of IT investment risk and return based on financial measures remains a major challenge. Recently scholars have used event study analysis to measure the value created via IT investment, by examining the abnormal changes in shareholder wealth around the time a specific IT investment is announced. The abnormal return on equity due to such an event is considered a good proxy for the economic value of that event. In the same spirit, this research proposes estimating several forms of IT investment risk, by combining event study analysis with the use of arbitrage pricing theory. In so doing, this research contributes towards the development of an integrated approach for quantifying the risk-return relationship for IT investment so that practitioners can make more informed investment decisions

Pricing e-service quality risk in financial services

a b s t r a c t E-service quality is crucial for differentiating e-commerce offers and gaining competitive advantage. Eservice quality risk is the risk that a firm's e-service quality will drop, or improve, relative to competitors. There is evidence that benchmark ratings of e-service quality that are published regularly by third-parties can impact the market value of rated firms. Firms therefore continue investing in IT-related determinants of e-service quality. However, they do so without knowing: (1) the cost or return associated with a unit relative deterioration, or improvement in e-service quality ratings, and (2) how this cost or return may vary across firms. To answer these questions, we adapt a well-established financial risk pricing approach for the case of pricing a single idiosyncratic IT investment risk, where an event study is used to generate the market data needed to price ris

Measurement of information technology investment risks: A multifactor model and its operationalization

The measurement of IT risk is one of the least studied areas in the IS risk literature. IS research that apply financial economics models in the broader context of examining the IT risk-return relationship and IT risk management invariably identifies risk measurement as a primary limitation. The present thesis investigates a new approach for closing this critical gap. Building upon a process-theoretic view of how IT value is generated, we propose a generalized framework comprising three elements. One is a multifactor return generating process (RGP) model defining a linear relationship between IT investment returns and the unexpected behavior (realizations) of multiple risk factors. Another element is an operational, prediction-oriented version of the RGP model defining IT return as a linear function of risk premiums associated with risk factors. The last element is a four-step methodology for estimating and validating the risk pricing parameters associated with each risk factor based on the former two elements. Our framework builds on recent theoretical and empirical developments in financial economics research according to which the principles of arbitrage pricing theory (APT) extend to the operationalization of the multifactor RGP in pricing IT investment risk factors. Moreover, observing that relevant data on IT risks and IT returns may come from diverse sources, each having its own unique characteristics, we show how to instantiate our framework in two different empirical contexts. In the first context, focusing on pricing software development risk factors, we apply the principles of APT by using a reference software cost estimation model, to which agents are assumed to subscribe, to substitute for the role of a \u27market\u27 in governing the extra cost a software project incurs due to exposure to multiple risk factors. In the second context, focusing on pricing customer adoption risk, market data generated using an event study enable application of the APT model in the context of a single-factor RGP conditioned on firm-specific events targeted by the event study. These two empirical studies effectively demonstrate the viability of applying our proposed risk pricing framework to the IT investment context

The Daily Ardmoreite

Daily newspaper from Ardmore, Chickasaw Nation, Indian Territory. Coverage includes local, territorial, and United States national news along with advertising

HIPAA Compliance: An Institutional Theory Perspective

One would think that the enactment of the HIPAA and associated mandates on data security and privacy has brought a major shift in the information security management practices across the US healthcare sector. Unfortunately, recent industry reports indicate substantially low level of regulatory compliance, thus raising security concerns to US health IT infrastructure. This research develops a regulatory compliance model by drawing insights from institutional theory literature to identify the key drivers influencing compliance, both institutional and market forces - e.g. mix of state and federal privacy regulations, pressure from compliance leaders in the region, and the consumer demand for privacy among others. The primary contribution of this research lies in the novel application of institutional theory to explain the variability in regulatory compliance prevalent in the US healthcare sector