Abstract
Security risk management (SRM) presents continued challenges for IT executives. Because of growing data breaches, significant funding needs, and non-stop malicious cyber threats, SRM operational effectiveness and SRM maturity present ever-changing complexities. In organizations, cyber-related events, including advancing information technologies, contribute to the increasing complexity and guarded nature of SRM. This qualitative study was designed to examine SRM operational effectiveness and SRM maturity in financial reporting. Using a set of qualitative techniques, a sample of 107 SRM financial reported statements were rendered from 1,113 U.S. banks’ financial reporting artifacts. Validation of results involved interviews and Q-sorting among three Chief Information Security Officers (CISOs) as subject matter experts. This study presented evidence of varying perceptions of SRM operational effectiveness and SRM maturity were conveyed that may or may not properly reflect how well organizations may perform against cyber-related events. To researchers, practitioners, and policymakers, this study offers an alternative approach and theoretical considerations for future SRM research, especially when reporting cyber-related events.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
