Linking Operational IT failures to IT control weaknesses

Michel Benaroch; Anna Chernobay

Linking Operational IT failures to IT control weaknesses

Michel Benaroch, Anna Chernobay

Whitman School of Management

Research output: Chapter in Book/Entry/Poem › Conference contribution

2 Scopus citations

Abstract

Operational IT failures have significant negative impacts on firms but little is known about their origins. Building on accounting research linking adverse operational events to SOX-disclosed control weaknesses (CWs) over financial reporting, we study the origins of IT failures in relation to IT-CWs. We use a sample of 212 operational IT failures where the confidentiality, integrity, or availability of data assets and functional IT assets (hardware, networks, etc.) has been compromised. We find that IT failures are linked to a relatively small set of IT-CWs, where each IT failure type is linked to a distinctly different subset of IT-CWs. Moreover, IT failures that are more harmful to the firm are found to be associated with IT-CWs that are more severe in the sense that they are more difficult to remediate.

Original language	English (US)
Title of host publication	2015 Americas Conference on Information Systems, AMCIS 2015
Publisher	Americas Conference on Information Systems
ISBN (Electronic)	9780996683104
State	Published - 2015
Event	21st Americas Conference on Information Systems, AMCIS 2015 - Fajardo, Puerto Rico Duration: Aug 13 2015 → Aug 15 2015

Other

Other	21st Americas Conference on Information Systems, AMCIS 2015
Country/Territory	Puerto Rico
City	Fajardo
Period	8/13/15 → 8/15/15

Keywords

CobiT
Information systems risk
It control weaknesses
Operational IT failure

ASJC Scopus subject areas

Computer Science Applications
Information Systems

Cite this

@inproceedings{18ae4774a694436a8755c4670797dbd3,

title = "Linking Operational IT failures to IT control weaknesses",

abstract = "Operational IT failures have significant negative impacts on firms but little is known about their origins. Building on accounting research linking adverse operational events to SOX-disclosed control weaknesses (CWs) over financial reporting, we study the origins of IT failures in relation to IT-CWs. We use a sample of 212 operational IT failures where the confidentiality, integrity, or availability of data assets and functional IT assets (hardware, networks, etc.) has been compromised. We find that IT failures are linked to a relatively small set of IT-CWs, where each IT failure type is linked to a distinctly different subset of IT-CWs. Moreover, IT failures that are more harmful to the firm are found to be associated with IT-CWs that are more severe in the sense that they are more difficult to remediate.",

keywords = "CobiT, Information systems risk, It control weaknesses, Operational IT failure",

author = "Michel Benaroch and Anna Chernobay",

year = "2015",

language = "English (US)",

booktitle = "2015 Americas Conference on Information Systems, AMCIS 2015",

publisher = "Americas Conference on Information Systems",

note = "21st Americas Conference on Information Systems, AMCIS 2015 ; Conference date: 13-08-2015 Through 15-08-2015",

}

TY - GEN

T1 - Linking Operational IT failures to IT control weaknesses

AU - Benaroch, Michel

AU - Chernobay, Anna

PY - 2015

Y1 - 2015

N2 - Operational IT failures have significant negative impacts on firms but little is known about their origins. Building on accounting research linking adverse operational events to SOX-disclosed control weaknesses (CWs) over financial reporting, we study the origins of IT failures in relation to IT-CWs. We use a sample of 212 operational IT failures where the confidentiality, integrity, or availability of data assets and functional IT assets (hardware, networks, etc.) has been compromised. We find that IT failures are linked to a relatively small set of IT-CWs, where each IT failure type is linked to a distinctly different subset of IT-CWs. Moreover, IT failures that are more harmful to the firm are found to be associated with IT-CWs that are more severe in the sense that they are more difficult to remediate.

AB - Operational IT failures have significant negative impacts on firms but little is known about their origins. Building on accounting research linking adverse operational events to SOX-disclosed control weaknesses (CWs) over financial reporting, we study the origins of IT failures in relation to IT-CWs. We use a sample of 212 operational IT failures where the confidentiality, integrity, or availability of data assets and functional IT assets (hardware, networks, etc.) has been compromised. We find that IT failures are linked to a relatively small set of IT-CWs, where each IT failure type is linked to a distinctly different subset of IT-CWs. Moreover, IT failures that are more harmful to the firm are found to be associated with IT-CWs that are more severe in the sense that they are more difficult to remediate.

KW - CobiT

KW - Information systems risk

KW - It control weaknesses

KW - Operational IT failure

UR - http://www.scopus.com/inward/record.url?scp=84963502772&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84963502772&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:84963502772

BT - 2015 Americas Conference on Information Systems, AMCIS 2015

PB - Americas Conference on Information Systems

T2 - 21st Americas Conference on Information Systems, AMCIS 2015

Y2 - 13 August 2015 through 15 August 2015

ER -

Linking Operational IT failures to IT control weaknesses

Abstract

Other

Keywords

ASJC Scopus subject areas

Other files and links

Fingerprint

Cite this