Cybersecurity risk represents a growing business threat. However, little attention has been paid to its assessment. This study proposes a machine learning algorithm that considers firm cybersecurity risk disclosure, information technology governance, external monitoring by financial analysts and auditors, and general firm characteristics to estimate cybersecurity risk (i.e., the likelihood of a firm experiencing data breaches during a year). This measure outperforms the measure produced by logistic regression models, is higher in industries more prone to cyberattacks, and effectively predicts future data breaches and firm use of cybersecurity insurance policies. I also examine whether auditors consider firm cybersecurity risk in the engagement planning process, finding that, on average, a one-percentage-point increase in cybersecurity risk is associated with a 1.15 percent increase in audit fees. In addition, auditors charge a fee premium after a data breach only if the client has heightened cybersecurity risk. Data Availability: Data are available from the public sources cited in the text.
{"title":"Cybersecurity Risk and Audit Pricing—A Machine Learning-Based Analysis","authors":"Wanying Jiang","doi":"10.2308/isys-2023-019","DOIUrl":"https://doi.org/10.2308/isys-2023-019","url":null,"abstract":"\u0000 Cybersecurity risk represents a growing business threat. However, little attention has been paid to its assessment. This study proposes a machine learning algorithm that considers firm cybersecurity risk disclosure, information technology governance, external monitoring by financial analysts and auditors, and general firm characteristics to estimate cybersecurity risk (i.e., the likelihood of a firm experiencing data breaches during a year). This measure outperforms the measure produced by logistic regression models, is higher in industries more prone to cyberattacks, and effectively predicts future data breaches and firm use of cybersecurity insurance policies. I also examine whether auditors consider firm cybersecurity risk in the engagement planning process, finding that, on average, a one-percentage-point increase in cybersecurity risk is associated with a 1.15 percent increase in audit fees. In addition, auditors charge a fee premium after a data breach only if the client has heightened cybersecurity risk.\u0000 Data Availability: Data are available from the public sources cited in the text.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":" 11","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139393458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Using a recently developed proxy for retail investor attention to 10-K filings on EDGAR, we investigate the relationship between retail investor attention and audit fees. We find that retail investor attention is positively related to audit fees and negatively related to earnings quality. Our result is consistent with the notion that managers of firms with high retail investor attention are more likely to manipulate earnings. We also find that retail investor attention to 10-K filings is a relatively more important source of firm-specific information for small firms than for large firms. Collectively, we find that retail investor attention plays a significant role in audit pricing. Our results are robust even after controlling for omitted variable bias, endogeneity, and alternative retail investor attention measures. JEL Classifications: M41; M42.
我们利用最近开发的散户投资者关注 EDGAR 上 10-K 文件的代理变量,研究了散户投资者关注度与审计费用之间的关系。我们发现,散户投资者关注度与审计费用正相关,而与盈利质量负相关。我们的结果与散户投资者关注度高的公司经理更有可能操纵盈利的观点一致。我们还发现,散户投资者对 10-K 文件的关注是小公司比大公司相对更重要的公司特定信息来源。总之,我们发现散户投资者的关注度在审计定价中发挥着重要作用。即使在控制了遗漏变量偏差、内生性和其他散户投资者关注度衡量标准之后,我们的结果仍然是稳健的。JEL 分类:M41; M42.
{"title":"Retail Investor Attention and Audit Pricing","authors":"Myojung Cho, Feiqi Huang, Xin Luo","doi":"10.2308/isys-2023-017","DOIUrl":"https://doi.org/10.2308/isys-2023-017","url":null,"abstract":"\u0000 Using a recently developed proxy for retail investor attention to 10-K filings on EDGAR, we investigate the relationship between retail investor attention and audit fees. We find that retail investor attention is positively related to audit fees and negatively related to earnings quality. Our result is consistent with the notion that managers of firms with high retail investor attention are more likely to manipulate earnings. We also find that retail investor attention to 10-K filings is a relatively more important source of firm-specific information for small firms than for large firms. Collectively, we find that retail investor attention plays a significant role in audit pricing. Our results are robust even after controlling for omitted variable bias, endogeneity, and alternative retail investor attention measures.\u0000 JEL Classifications: M41; M42.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"3 4","pages":""},"PeriodicalIF":1.9,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139457739","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-10-01DOI: 10.2308/0888-7985-37.3.i
{"title":"Covers and Front Matter","authors":"","doi":"10.2308/0888-7985-37.3.i","DOIUrl":"https://doi.org/10.2308/0888-7985-37.3.i","url":null,"abstract":"","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136093152","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
ABSTRACT Anecdotal and empirical evidence indicates that the growing adoption of artificial intelligence (AI) within accounting firms and accounting departments leads to improvements in efficiency, a gradual increase in the share of AI workers, and a decrease in junior accounting employees. If this trend continues, would it signal the beginning of an era of diminishing demand for new accounting professionals and a shift in the required skill set of new accounting employees? The aim of the workshop, which, by happenstance, occurred the same week that OpenAI introduced ChatGPT, was to bring together Accounting Information Systems researchers and representatives from leading accounting firms for a conversation on the implications of AI for the accounting profession and related research opportunities. Although the panelists at the time had no way of knowing the capabilities of generative AI models like ChatGPT, their main message was timely and appropriate: Accountants with AI will replace accountants.
{"title":"AI and the Accounting Profession: Views from Industry and Academia","authors":"J. Efrim Boritz, Theophanis C. Stratopoulos","doi":"10.2308/isys-2023-054","DOIUrl":"https://doi.org/10.2308/isys-2023-054","url":null,"abstract":"ABSTRACT Anecdotal and empirical evidence indicates that the growing adoption of artificial intelligence (AI) within accounting firms and accounting departments leads to improvements in efficiency, a gradual increase in the share of AI workers, and a decrease in junior accounting employees. If this trend continues, would it signal the beginning of an era of diminishing demand for new accounting professionals and a shift in the required skill set of new accounting employees? The aim of the workshop, which, by happenstance, occurred the same week that OpenAI introduced ChatGPT, was to bring together Accounting Information Systems researchers and representatives from leading accounting firms for a conversation on the implications of AI for the accounting profession and related research opportunities. Although the panelists at the time had no way of knowing the capabilities of generative AI models like ChatGPT, their main message was timely and appropriate: Accountants with AI will replace accountants.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135663624","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
ABSTRACT This study investigates whether auditors’ experiences with their clients’ cybersecurity incidents affect their subsequent audits for nonbreach clients and help those clients reduce cybersecurity risks. We find that audit offices who have experience with cybersecurity-breached clients, ceteris paribus, charge higher audit fees from nonbreach clients. Additionally, the increased audit fees conditional on auditors’ cybersecurity experience are negatively associated with nonbreach clients’ future breach incidents. Such associations are found only in the Big 4 audit offices and offices with IT capability. This study offers timely insights for standard setters and important implications for both professionals and the academic literature by documenting the spillover effect of cybersecurity experience on subsequent risk assessments of nonbreach clients, while also confirming the effectiveness of engaging auditors in addressing cybersecurity matters. Data Availability: Data are available from the public sources identified in the article. JEL Classifications: M42.
{"title":"The Impact of Audit Office Cybersecurity Experience on Nonbreach Client's Audit Fees and Cybersecurity Risks","authors":"He Li, Zhengjie Sun, Feiqi Huang","doi":"10.2308/isys-2023-014","DOIUrl":"https://doi.org/10.2308/isys-2023-014","url":null,"abstract":"ABSTRACT This study investigates whether auditors’ experiences with their clients’ cybersecurity incidents affect their subsequent audits for nonbreach clients and help those clients reduce cybersecurity risks. We find that audit offices who have experience with cybersecurity-breached clients, ceteris paribus, charge higher audit fees from nonbreach clients. Additionally, the increased audit fees conditional on auditors’ cybersecurity experience are negatively associated with nonbreach clients’ future breach incidents. Such associations are found only in the Big 4 audit offices and offices with IT capability. This study offers timely insights for standard setters and important implications for both professionals and the academic literature by documenting the spillover effect of cybersecurity experience on subsequent risk assessments of nonbreach clients, while also confirming the effectiveness of engaging auditors in addressing cybersecurity matters. Data Availability: Data are available from the public sources identified in the article. JEL Classifications: M42.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"203 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136054550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-10-01DOI: 10.2308/0888-7985-37.3.191
{"title":"Editorial Policy","authors":"","doi":"10.2308/0888-7985-37.3.191","DOIUrl":"https://doi.org/10.2308/0888-7985-37.3.191","url":null,"abstract":"","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136167063","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Joseph A. Johnston, Kenneth J. Reichelt, Pradeep Sapkota
ABSTRACT We develop a measure of disclosure quality using disaggregation of financial statement items from the Form 10-K XBRL filing. Our measure (ITEMS) extends Chen, Miao, and Shevlin’s (2015) DQ measure and is distinct from R. Hoitash and U. Hoitash’s (2018) ARC measure. Our measure provides a simple measure of disaggregation by counting the balance sheet and income statement line items, it does not depend on the data aggregators’ collection process and is readily available shortly after the Form 10-K is filed. We validate ITEMS by showing that firm fundamentals correlate to ITEMS in the predicted direction using OLS regression. We find that ITEMS explains consequences of disclosure quality: forecast error, forecast dispersion, bid-ask spread, and cost of equity capital. Further, ITEMS has explanatory power of disclosure quality consequences incremental to DQ and ARC, and it is distinct from ARC evident from different associations with disclosure quality consequences and reporting quality. Data Availability: Data are available from public sources identified in the text. JEL Classifications: M10; M40; M41.
{"title":"Measuring Financial Statement Disaggregation Using XBRL","authors":"Joseph A. Johnston, Kenneth J. Reichelt, Pradeep Sapkota","doi":"10.2308/isys-2021-004","DOIUrl":"https://doi.org/10.2308/isys-2021-004","url":null,"abstract":"ABSTRACT We develop a measure of disclosure quality using disaggregation of financial statement items from the Form 10-K XBRL filing. Our measure (ITEMS) extends Chen, Miao, and Shevlin’s (2015) DQ measure and is distinct from R. Hoitash and U. Hoitash’s (2018) ARC measure. Our measure provides a simple measure of disaggregation by counting the balance sheet and income statement line items, it does not depend on the data aggregators’ collection process and is readily available shortly after the Form 10-K is filed. We validate ITEMS by showing that firm fundamentals correlate to ITEMS in the predicted direction using OLS regression. We find that ITEMS explains consequences of disclosure quality: forecast error, forecast dispersion, bid-ask spread, and cost of equity capital. Further, ITEMS has explanatory power of disclosure quality consequences incremental to DQ and ARC, and it is distinct from ARC evident from different associations with disclosure quality consequences and reporting quality. Data Availability: Data are available from public sources identified in the text. JEL Classifications: M10; M40; M41.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"66 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136054533","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Simon Thies, Marko Kureljusic, Erik Karger, Thilo Krämer
ABSTRACT Recent cases, such as Wirecard, Luckin Coffee, and Steinhoff, highlight the vulnerability of current accounting practices and question their suitability to prevent criminal behavior. Triple-entry accounting (TEA) is a possible answer against accounting fraud and financial manipulation that is increasingly discussed in research and practice. By being based on blockchain technology, TEA is tamper-proof and, thus, might be an effective instrument against manipulation in accounting. However, despite the potential of TEA, research on this topic is scattered and mostly isolated from each other. By conducting a systematic literature review, we synthesize and summarize current research on blockchain-based TEA. Hereby, we find that current research is almost entirely theoretical. Up to now, real-world implementations and their evaluation are still missing in both research and practice. To address these gaps, we develop guiding research questions for interested scholars to pave the way for TEA’s practical use. JEL Classifications: M40; M41.
{"title":"Blockchain-Based Triple-Entry Accounting: A Systematic Literature Review and Future Research Agenda","authors":"Simon Thies, Marko Kureljusic, Erik Karger, Thilo Krämer","doi":"10.2308/isys-2022-029","DOIUrl":"https://doi.org/10.2308/isys-2022-029","url":null,"abstract":"ABSTRACT Recent cases, such as Wirecard, Luckin Coffee, and Steinhoff, highlight the vulnerability of current accounting practices and question their suitability to prevent criminal behavior. Triple-entry accounting (TEA) is a possible answer against accounting fraud and financial manipulation that is increasingly discussed in research and practice. By being based on blockchain technology, TEA is tamper-proof and, thus, might be an effective instrument against manipulation in accounting. However, despite the potential of TEA, research on this topic is scattered and mostly isolated from each other. By conducting a systematic literature review, we synthesize and summarize current research on blockchain-based TEA. Hereby, we find that current research is almost entirely theoretical. Up to now, real-world implementations and their evaluation are still missing in both research and practice. To address these gaps, we develop guiding research questions for interested scholars to pave the way for TEA’s practical use. JEL Classifications: M40; M41.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136023803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
ABSTRACT Artificial intelligence (AI)-enabled tools and analytics hold the potential to radically alter audit processes by disseminating centralized audit expertise. We examine this potential in the context of data analytic-driven audits mandated to reduce fraud, waste, and abuse in a government-sponsored healthcare program. To do so, we draw on semistructured interviews with healthcare providers (i.e., auditees) subject to healthcare audits. Our work shows how use of paraprofessional auditors guided by AI-enabled tools and analytics reflects a very different audit environment. Specifically, auditees’ experiences suggest paraprofessional auditors lack specific expertise and credentials to conduct data-driven audits, apply judgment in deference to technology, and disregard the impact of AI-driven decisions on the public interest. Such experiences raise potential concerns for all audits over unbridled use of AI-enabled tools and analytics by novice-level auditors/paraprofessionals, but even more for audits conducted in contexts where adherence to professional norms is essential to minimizing public interest consequences. JEL Classifications: M42; M48.
{"title":"Exploring the Impact of Technology Dominance on Audit Professionalism through Data Analytic-Driven Healthcare Audits","authors":"Jared Koreff, Lisa Baudot, Steve G. Sutton","doi":"10.2308/isys-2022-023","DOIUrl":"https://doi.org/10.2308/isys-2022-023","url":null,"abstract":"ABSTRACT Artificial intelligence (AI)-enabled tools and analytics hold the potential to radically alter audit processes by disseminating centralized audit expertise. We examine this potential in the context of data analytic-driven audits mandated to reduce fraud, waste, and abuse in a government-sponsored healthcare program. To do so, we draw on semistructured interviews with healthcare providers (i.e., auditees) subject to healthcare audits. Our work shows how use of paraprofessional auditors guided by AI-enabled tools and analytics reflects a very different audit environment. Specifically, auditees’ experiences suggest paraprofessional auditors lack specific expertise and credentials to conduct data-driven audits, apply judgment in deference to technology, and disregard the impact of AI-driven decisions on the public interest. Such experiences raise potential concerns for all audits over unbridled use of AI-enabled tools and analytics by novice-level auditors/paraprofessionals, but even more for audits conducted in contexts where adherence to professional norms is essential to minimizing public interest consequences. JEL Classifications: M42; M48.","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135255104","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-01DOI: 10.2308/0888-7985-37.2.i
{"title":"Covers and Front Matter","authors":"","doi":"10.2308/0888-7985-37.2.i","DOIUrl":"https://doi.org/10.2308/0888-7985-37.2.i","url":null,"abstract":"","PeriodicalId":46998,"journal":{"name":"Journal of Information Systems","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136177634","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}