IDEAS home Printed from https://ideas.repec.org/a/nwe/natrud/y2020i4p159-191.html
   My bibliography  Save this article

Cyber Risk Management and Accounting Profession

Author

Listed:
  • Michael Musov

    (University of National and World Economy, Sofia, Bulgaria)

Abstract

In today’s world of information technologies (IT) and digital connectivity cyber risk is considered inevitable for all organizations. Hence, understanding cyber risk and managing it effectively is crucial for all. This paper includes a literature review with the aim to suggest a model for cyber risk management as well as to justify the role of accountants in this model. This review leads to the conclusion that cyber risk is a unity of three elements (threat, IT vulnerability and negative impact) and suggests the following six integrated stages of its management: (1) identification, prioritization, and assessment; (2) control system design; (3) monitoring; (4) incident management; (5) reporting and assurance; (6) informal management. The incremental contribution of the proposed model with respect to the existing frameworks is in the following two differences: first, it is more integrative than the alternatives, and second, it quantifies cyber risk more relevantly and reliably than the alternatives. To apply the suggested model cybersecurity professionals should have some technical knowledge, but the core attributes relate to their personal capabilities. Due to their specific expertise and competencies, accountants can have a key role in risk management. To benefit cybersecurity risk management, however, accounting needs to reform its higher education model.

Suggested Citation

  • Michael Musov, 2020. "Cyber Risk Management and Accounting Profession," Nauchni trudove, University of National and World Economy, Sofia, Bulgaria, issue 4, pages 159-191, December.
    • Handle: RePEc:nwe:natrud:y:2020:i:4:p:159-191
    as

    Download full text from publisher

    File URL: http://unwe-research-papers.org/bg/journalissues/article/10303
    Download Restriction: no
    ---><---

    More about this item

    Keywords

    cyber risk; cybersecurity; accounting profession; accounting higher education;
    All these keywords.

    JEL classification:

    • M40 - Business Administration and Business Economics; Marketing; Accounting; Personnel Economics - - Accounting - - - General
    • I23 - Health, Education, and Welfare - - Education - - - Higher Education; Research Institutions
    • G32 - Financial Economics - - Corporate Finance and Governance - - - Financing Policy; Financial Risk and Risk Management; Capital and Ownership Structure; Value of Firms; Goodwill

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:nwe:natrud:y:2020:i:4:p:159-191. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Vanya Lazarova (email available below). General contact details of provider: https://edirc.repec.org/data/unweebg.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.