Examining the Antecedents of Sarbanes-Oxley Section 404 IT Control Weaknesses: An Empirical Study
نویسنده
چکیده
The current research draws on the agency theory, the IT governance literature, and the executive compensation literature to present a theory of the antecedents of IT control weaknesses as reported under Sections 404 of Sarbanes-Oxley Act. More specifically, this paper examines the association between two categories of governance mechanisms (IT governance mechanisms and IT executive incentive alignment mechanisms) and the disclosure of IT control weaknesses. As for the IT governance mechanisms, the study findings indicate that a lower likelihood of disclosing IT-related control weaknesses is associated with having IT executives with higher levels of structural and expert power and having audit committee and corporate governance committee members with IT expertise. As for the incentive alignment mechanisms, the results indicate that the lower the pay disparity between IT executives and business executives in the top management team, the lower the likelihood of disclosing IT controls weaknesses.
منابع مشابه
The Impact of Information Technology Internal Controls on Firm Performance
Since the introduction of the Sarbanes-Oxley (SOX) Act in 2002, companies have begun to place more emphasis on information technology (IT) internal controls. IT internal controls are policies that provide assurance that technical systems operate as intended, provide reliable data, and comply with regulations. Research suggests that firms with strong internal controls perform better than those w...
متن کاملImplementing Section 404 of the Sarbanes Oxley Act: Recommendations for Information Systems Organizations
Section 404 of the Sarbanes Oxley (SOX) Act addresses the effectiveness of internal controls, which in most organizations are either fully or partially automated due to the pervasiveness and ubiquity of information technologies. Significant or material control deficiencies have to be reported publicly. The adverse impact on organizations declaring deficiencies can be severe, for example, damage...
متن کاملDiffusing Management Information for Legal Compliance: The Role of the IS Organization Within the Sarbanes-Oxley Act
Information systems are vital to successful compliance with Section 404 of the Sarbanes Oxley Act. However, there is little published academic literature which reports systematic studies that explain how IS organizations implement 404. Institutional theory was adopted as the lens through which to examine the experiences of 404 implementation in three global organizations. The methodology for th...
متن کاملThe Development of a Computer Auditing System Sufficient for Sarbanes-Oxley Section 404 - A Study on the Purchasing and Expenditure Cycle of the ERP System
After Section 404 of the Sarbanes-Oxley Act was released, developing an effective computer auditing system became critical for management and auditors. In this study, the researchers used Gowin's Vee, raised as a research strategy by Novak and Gowin (1984). On the theoretical side, the researchers arranged documents and employed an expert questionnaire to identify 8 operational procedure elemen...
متن کاملReporting Internal Control Deficiencies in the Post-Sarbanes- Oxley Era: The Role of Auditors and Corporate Governance
This study addresses the role of audit committees and auditors in the reporting of internal control deficiencies after the passage of the Sarbanes-Oxley Act (SOX). We find that a higher number of meetings of the audit committee, lesser proportion of ‘financial experts’ in the audit committee, and more auditor changes characterize firms that report weaknesses in their internal controls compared ...
متن کامل