Cybersecurity, Capital Allocations and Management Control Systems
AbstractThe design and use of management control systems can play a key role in dealing with cybersecurity issues that have arisen in tandem with the emergence of the Internet. Efficient management control systems will reduce a firm's likelihood of suffering significant losses from cybersecurity breaches. Drawing on and extending the extant agency-based capital budgeting literature, this paper demonstrates the relevance of the study of management accounting controls to problems arising in the cybersecurity setting. The main finding is that firms can use an information security audit (which is an integral part of a management control system) along with adjustments to the compensation payments to the agent and the investment decision rules, to mitigate a Chief Information Security Officer's inherent empire building preferences. The paper also identifies additional research areas where management accountants with expertise in management control systems can contribute to the academic literature and practice surrounding cybersecurity issues.
Download InfoIf you experience problems downloading a file, check if you have the proper application to view it first. In case of further problems read the IDEAS help page. Note that these files are not on the IDEAS site. Please be patient as the files may be large.
Bibliographic InfoArticle provided by Taylor & Francis Journals in its journal European Accounting Review.
Volume (Year): 17 (2008)
Issue (Month): 2 ()
Contact details of provider:
Web page: http://www.tandfonline.com/REAR20
You can help add them by filling out this form.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: (Michael McNulty).
If references are entirely missing, you can add them using this form.