Rosati, P, Gogolin, F and Lynn, T (2022) Cyber-security Incidents and Audit Quality. The European Accounting Review, 31 (3). pp. 701-728. ISSN 0963-8180
Abstract
As signals of internal control weaknesses, cyber security incidents can represent significant risk factors to the quality of financial reporting. We empirically assess the audit quality implications of data breaches for a large sample of US firms. Using a difference-in-difference approach based on a matched sample of breached and non-breached firms, we find no evidence that cyber-security incidents result in a decline in audit quality. Instead, we observe positive shifts in four widely-used proxies for audit quality. We document that breached firms (i) experience a decrease in abnormal accruals, (ii) are less likely to report small profits or small earnings increases, (iii) are more likely to be issued a going concern report, and (iv) are less likely to restate their financial statements in the two years following a breach. Our results indicate that auditors effectively offset increases in audit risk through additional substantive testing and audit effort. Our evidence supports the view that auditors have increased their audit risk awareness and put in place adequate procedures to deal with the consequences of cyber-security incidents.
Metadata
Item Type: | Article |
---|---|
Authors/Creators: |
|
Copyright, Publisher and Additional Information: | © 2020 European Accounting Association. This is an author produced version of an article published in the European Accounting Review. Uploaded in accordance with the publisher's self-archiving policy. |
Keywords: | Cyber Security; External Audit; Audit Quality; SEC Comment Letters |
Dates: |
|
Institution: | The University of Leeds |
Academic Units: | The University of Leeds > Faculty of Business (Leeds) > Accounting & Finance Division (LUBS) (Leeds) |
Depositing User: | Symplectic Publications |
Date Deposited: | 17 Dec 2020 13:54 |
Last Modified: | 28 Jul 2022 15:52 |
Status: | Published |
Publisher: | Routledge |
Identification Number: | 10.1080/09638180.2020.1856162 |
Open Archives Initiative ID (OAI ID): | oai:eprints.whiterose.ac.uk:169033 |