Cyber Supply Chain Risk Management: Toward an Understanding of the Antecedents to Demand for Assurance-Reference-Cited by-同舟云学术

Cyber Supply Chain Risk Management: Toward an Understanding of the Antecedents to Demand for Assurance

Published:2020-10-07 Issue:2 Volume:35 Page:37-60
ISSN:1558-7959
Container-title:Journal of Information Systems
language:en
Short-container-title:

Author:

Hampton Clark¹,Sutton Steve G.²³^ORCID,Arnold Vicky²³,Khazanchi Deepak⁴^ORCID

Affiliation:

1. University of South Carolina

2. Norwegian School of Economics

3. University of Central Florida

4. University of Nebraska at Omaha

Abstract

ABSTRACT Recognizing the need for effective cyber risk management processes across the supply chain, the AICPA issued a new SOC in March 2020 for assuring cyber supply chain risk management (C-SCRM) processes. This study examines supply chain relationship factors and cyber risk issues to better understand the demand for C-SCRM assurance. Resource-Advantage Theory of Competition provides the conceptual foundation for assessing the dual drivers of relationship building and cyber risk management on demand for assurance. We use a field survey to collect data from 205 professionals enabling evaluation of the complex relationships in the theoretical model. Results support all hypotheses, provide satisfactory model fit, and support the underlying theory. Trust and cyber supply chain risk both positively influence demand for assurance over C-SCRM processes. This study expands the literature on cyber assurance by auditors and elaborates on overall supply chain processes that help drive value from auditors providing such assurance.

Publisher

American Accounting Association

Subject

Management of Technology and Innovation,Information Systems and Management,Human-Computer Interaction,Accounting,Information Systems,Software,Management Information Systems

Link

http://meridian.allenpress.com/jis/article-pdf/35/2/37/2882957/i1558-7959-35-2-37.pdf

Reference86 articles.

1. American Institute of Certified Public Accountants (AICPA). 2020 a. SOC for Supply Chains Backgrounder. New York, NY: AICPA.

2. American Institute of Certified Public Accountants (AICPA). 2020 b. Appendix A: Information for Management . New York, NY: AICPA.

3. American Institute of Certified Public Accountants (AICPA). 2020 c. Appendix B: Comparison of SOC for Supply Chain, SOC 2, and SOC for Cybersecurity Examinations and Related Reports. New York, NY: AICPA.

4. Anderson, S., and LanenW. 2002. Using electronic data interchange (EDI) to improve the efficiency of accounting transactions. The Accounting Review77 ( 4): 703– 729. https://doi.org/10.2308/accr.2002.77.4.703

5. Armstrong, C., and SambamurthyV. 1999. Information technology assimilation in firms: The influence of senior leadership and IT infrastructures. Information Systems Research10 ( 4): 304– 327. https://doi.org/10.1287/isre.10.4.304

Cited by 8 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Mitigating it Material Weaknesses: The Role of Security Awareness in the Interplay of it Outsourcing and is Governance;2024

2. Identifying Critical Success Factors (CSF) for Cyber Supply Chain Risk Management (CSCRM): A Qualitative Study Using Agency Theory;Communications in Computer and Information Science;2024

3. Survey of Emerging Blockchain Technologies for Improving the Data Integrity and Auditability of Manufacturing Bills of Materials in Enterprise Resource Planning;Journal of Emerging Technologies in Accounting;2023-10-01

4. The impact of customer firm data breaches on the audit fees of their suppliers;International Journal of Accounting Information Systems;2023-09

5. Impact of Risk Attributes on Vendor Risk Assessment and Classification;SSRN Electronic Journal;2023