You are here

Maturity of IT risk management practices and reporting structure: an it manager perspective

Download pdf | Full Screen View

Date Issued:
2014
Summary:
In December 2009, the Securities Exchange Commission (SEC) approved enhanced proxy disclosure rules requiring companies to disclose the board’s leadership structure and the board’s role in risk oversight. Apart from general business risks, boards are increasingly interested in Information Technology (IT) risks as it affects all aspects of the organization (PricewaterhouseCoopers [PwC], 2013). Since the effectiveness of IT risk management depends on senior managers’ actions, this dissertation attempts to answer the question of whether the maturity of IT risk management practices (the extent to which management performs particular activities to identify, assess, monitor and respond to IT-related risks) in organizations depends on the Chief Information Office (CIO) reporting structure and the board’s leadership structure.
Title: Maturity of IT risk management practices and reporting structure: an it manager perspective.
163 views
85 downloads
Name(s): Vincent, Surani, author
Higgs, Julia, Thesis advisor
Florida Atlantic University, Degree grantor
College of Business
School of Accounting
Type of Resource: text
Genre: Electronic Thesis Or Dissertation
Date Created: 2014
Date Issued: 2014
Publisher: Florida Atlantic University
Place of Publication: Boca Raton, Fla.
Physical Form: application/pdf
Extent: 89 p.
Language(s): English
Summary: In December 2009, the Securities Exchange Commission (SEC) approved enhanced proxy disclosure rules requiring companies to disclose the board’s leadership structure and the board’s role in risk oversight. Apart from general business risks, boards are increasingly interested in Information Technology (IT) risks as it affects all aspects of the organization (PricewaterhouseCoopers [PwC], 2013). Since the effectiveness of IT risk management depends on senior managers’ actions, this dissertation attempts to answer the question of whether the maturity of IT risk management practices (the extent to which management performs particular activities to identify, assess, monitor and respond to IT-related risks) in organizations depends on the Chief Information Office (CIO) reporting structure and the board’s leadership structure.
Identifier: FA00004336 (IID)
Degree granted: Dissertation (Ph.D.)--Florida Atlantic University, 2014.
Collection: FAU Electronic Theses and Dissertations Collection
Note(s): Includes bibliography.
Subject(s): Corporate governance
Decision making
Information technology -- Management
Information technology -- Social aspects
Management information systems
Risk management
Strategic planning
Held by: Florida Atlantic University Libraries
Sublocation: Digital Library
Links: http://purl.flvc.org/fau/fd/FA00004336
Persistent Link to This Record: http://purl.flvc.org/fau/fd/FA00004336
Use and Reproduction: Copyright © is held by the author, with permission granted to Florida Atlantic University to digitize, archive and distribute this item for non-profit research and educational purposes. Any reuse of this item in excess of fair use or other copyright exemptions requires permission of the copyright holder.
Use and Reproduction: http://rightsstatements.org/vocab/InC/1.0/
Host Institution: FAU
Is Part of Series: Florida Atlantic University Digital Library Collections.