IT Security Controls Quality and Firm Performance: A Strategic Liability Lens
暂无分享,去创建一个
[1] George Foster,et al. Brand Values and Capital Market Valuation , 1998 .
[2] William R. Kinney,et al. The Discovery and Reporting of Internal Control Deficiencies Prior to SOX-Mandated Audits , 2007 .
[3] J. Lainhart. COBIT™: A Methodology for Managing and Controlling Information and Information Technology Risks and Vulnerabilities , 2000 .
[4] Jacqueline S. Hammersley,et al. Market reactions to the disclosure of internal control weaknesses and to the characteristics of those weaknesses under section 302 of the Sarbanes Oxley Act of 2002 , 2007 .
[5] B. Wernerfelt,et al. A Resource-Based View of the Firm , 1984 .
[6] Huseyin Cavusoglu,et al. The Effect of Internet Security Breach Announcements on Market Value: Capital Market Reactions for Breached Firms and Internet Security Developers , 2004, Int. J. Electron. Commer..
[7] William R. Kinney,et al. The Effect of SOX Internal Control Deficiencies and Their Remediation on Accrual Quality , 2007 .
[8] Alessandro Acquisti,et al. Is There a Cost to Privacy Breaches? An Event Study , 2006, WEIS.
[9] Rahul Telang,et al. Market for Software Vulnerabilities? Think Again , 2005, Manag. Sci..
[10] William Lucyshyn,et al. The Impact of the Sarbanes-Oxley Act on the Corporate Disclosures of Information Security Activities , 2006 .
[11] Weili Ge,et al. Accruals Quality and Internal Control Over Financial Reporting , 2007 .
[12] T. C. Powell. Competitive advantage: logical and philosophical considerations , 2001 .
[13] Mani R. Subramani,et al. The Matrix of Control: Combining Process and Structure Approaches to Managing Software Development , 2003, J. Manag. Inf. Syst..
[14] J. Heckman. Sample selection bias as a specification error , 1979 .
[15] B. Lev,et al. Value-Relevance of Nonfinancial Information: The Wireless Communications Industry , 1996 .
[16] Michael R. Wade,et al. The Resource-Based View and Information Systems Research: Review, Extension, and Suggestions for Future Research , 2004, MIS Q..
[17] Detmar W. Straub,et al. Effective IS Security: An Empirical Study , 1990, Inf. Syst. Res..
[18] Gautam Ray,et al. Information Technology and the Performance of the Customer Service Process: A Resource-Based Analysis , 2005, MIS Q..
[19] James Backhouse,et al. Circuits of Power in Creating de jure Standards: Shaping an International Information Systems Security Standard , 2006, MIS Q..
[20] H. White. A Heteroskedasticity-Consistent Covariance Matrix Estimator and a Direct Test for Heteroskedasticity , 1980 .
[21] Jacqueline S. Hammersley,et al. Market reactions to the disclosure of internal control weaknesses and to the characteristics of those weaknesses under section 302 of the Sarbanes Oxley Act of 2002 , 2008 .
[22] Jingguo Wang,et al. Research Note - A Value-at-Risk Approach to Information Security Investment , 2008, Inf. Syst. Res..
[23] RICHAFID BASKERVILLE,et al. Information systems security design methods: implications for information systems development , 1993, CSUR.
[24] T. C. Powell,et al. Information technology as competitive advantage: the role of human , 1997 .
[25] Lawrence A. Gordon,et al. The economics of information security investment , 2002, TSEC.
[26] Richard Baskerville,et al. Risk analysis: an interpretive feasibility tool in justifying information systems security , 1991 .
[27] Lei Zhou,et al. The Economic Cost of Publicly Announced Information Security Breaches: Empirical Evidence from the Stock Market , 2003, J. Comput. Secur..
[28] James A. Ohlson. On Transitory Earnings , 1999 .
[29] Dennis G. Severance,et al. Data processing control: a state-ofthe- art survey of attitudes and concerns of DP executives , 1981 .
[30] Anandhi S. Bharadwaj,et al. A Resource-Based Perspective on Information Technology Capability and Firm Performance: An Empirical Investigation , 2000, MIS Q..
[31] J. Barney,et al. Organizational Culture: Can It Be a Source of Sustained Competitive Advantage? , 1986 .
[32] Richard L. Arend. The Definition of Strategic Liabilities, and their Impact on Firm Performance , 2004 .
[33] James A. Ohlson. Earnings, Book Values, and Dividends in Equity Valuation* , 1995 .
[34] William L. Fuerst,et al. Information technology and sustained competitive advantage: a resource-based analysis , 1995 .
[35] Hao Xu,et al. Optimal Policy for Software Vulnerability Disclosure , 2008, Manag. Sci..
[36] Huseyin Cavusoglu,et al. The Value of Intrusion Detection Systems in Information Technology Security Architecture , 2005, Inf. Syst. Res..
[37] Terry J. Shevlin,et al. The value-relevance of nonfinancial information: A discussion , 1996 .
[38] J. Barney. Firm Resources and Sustained Competitive Advantage , 1991 .
[39] IV JohnW.Lainhart. COBIT™: A Methodology for Managing and Controlling Information and Information Technology Risks and Vulnerabilities , 2000, J. Inf. Syst..
[40] Varun Grover,et al. Shaping Agility through Digital Options: Reconceptualizing the Role of Information Technology in Contemporary Firms , 2003, MIS Q..
[41] Suresh Kotha,et al. The Value-Relevance of Network Advantages: The Case of E-Commerce Firms , 2003 .
[42] M. Wade,et al. Review: the resource-based view and information systems research: review, extension, and suggestions for future research , 2004 .
[43] Prem C. Jain,et al. Sustained Earnings and Revenue Growth, Earnings Quality, and Earnings Response Coefficients , 2004 .
[44] J. Heckman. Dummy Endogenous Variables in a Simultaneous Equation System , 1977 .
[45] B. Lev,et al. The capitalization, amortization, and value-relevance of R&D , 1996 .
[46] Edward I. Altman,et al. FINANCIAL RATIOS, DISCRIMINANT ANALYSIS AND THE PREDICTION OF CORPORATE BANKRUPTCY , 1968 .
[47] Detmar W. Straub,et al. Coping With Systems Risk: Security Planning Models for Management Decision Making , 1998, MIS Q..
[48] Weili Ge,et al. Determinants of Weaknesses in Internal Control over Financial Reporting , 2006 .
[49] Vernon J. Richardson,et al. Information technology investments and firm value , 2005, Inf. Manag..
[50] Omar M. G. Keshk. CDSIMEQ: A Program to Implement Two-stage Probit Least Squares , 2003 .
[51] N. Carr. IT doesn't matter , 2003, IEEE Engineering Management Review.
[52] Rahul Telang,et al. An Empirical Analysis of the Impact of Software Vulnerability Announcements on Firm Stock Price , 2007, IEEE Transactions on Software Engineering.
[53] P. Schmidt,et al. Limited-Dependent and Qualitative Variables in Econometrics. , 1984 .
[54] Gregg Stults. An Overview of Sarbanes-Oxley for the Information Security Professional , 2004 .
[55] Radhika Santhanam,et al. Issues in Linking Information Technology Capability to Firm Performance , 2003, MIS Q..