Affiliation:
1. University of South Florida
2. Florida Atlantic University
Abstract
ABSTRACT
Data security breaches have been shown in the literature to negatively affect firm operations. Auditors serve as an important, external governance mechanism with respect to a firm's overall risk management protocol. Consequently, our study examines whether auditors price breach risk into their fees and if a firm's internal governance can mitigate the potential increases in audit fees. Using a sample of breached firms ranging from 2005–2014, we adapt the Houston, Peters, and Pratt (2005) model to explore how auditors view audit risk related to breach risk. We find that breaches are associated with an increase in fees, but the result is driven by external breaches. Our evidence suggests the presence of board-level risk committees and more active audit committees may help mitigate the breach risk audit fee premium. Additional evidence suggests that both past breach disclosures as well as future disclosures are associated with audit fees.
Publisher
American Accounting Association
Subject
Management of Technology and Innovation,Information Systems and Management,Human-Computer Interaction,Accounting,Information Systems,Software,Management Information Systems
Reference55 articles.
1. The association between audit committee characteristics and audit fees;Abbott;Auditing: A Journal of Practice & Theory,2003
2. AICPA Unveils Cybersecurity Risk Management Reporting Framework;American Institute of Certified Public Accountants (AICPA),2017
3. SOC for Cybersecurity: A Backgrounder;American Institute of Certified Public Accountants (AICPA),2018
4. Do non-audit services compromise auditor independence? Further evidence;Ashbaugh;The Accounting Review,2003
5. Business risk and the audit process;Brumfield;Journal of Accountancy,1983
Cited by
49 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献