CEO权力与审计委员会在网络安全风险管理中的作用

The Role of CEO Power and Audit Committees in Cybersecurity Risk Management

International Journal of Accounting · 2025
被引 2
ABS 3

中文导读

研究CEO权力和审计委员会如何影响企业的网络安全风险管理,发现权力大的CEO和有效的审计委员会更可能推动网络安全风险管控,且这种效应在年轻、任期短或国籍多元的CEO所在公司中更强。

Abstract

Synopsis The research problem Considering cybersecurity as a strategic ethical decision rather than a technical concern, this study explored how CEO power and audit committees (ACs) impact cybersecurity risk management (CRM) and what role other CEO attributes play in shaping this nexus. Previous research has provided limited insight into the possible factors influencing CRM. This study addresses this research gap. Motivation or theoretical reasoning We were motivated by the lack of empirical evidence on the role of CEO power and ACs in CRM. The study uses stewardship and resource dependence theories to explain how CEO power and ACs influence CRM. The test hypotheses Our paper tested two hypotheses: (1) CEO power is positively associated with CRM and (2) AC characteristics are positively associated with CRM. Target population The study was based on a sample of nonfinancial companies listed on the London Stock Exchange (FTSE-All-Share) from 2014 to 2020, totaling 1,036 firm-year observations. Adopted methodology The study used the probit model. Analyses We used different measures of CEO power and ACs. Additional analyses were done to control for CEO attributes such as tenure, age, and nationality, as well as firm-specific characteristics, including firm size, firm risk, and financial health. Findings Our findings show that powerful CEOs are more likely to be associated with CRM. Furthermore, effective ACs are more likely to exercise greater oversight over cybersecurity risk. These effects are stronger in firms with younger CEOs, CEOs with shorter tenure, or CEOs of diverse nationalities. Powerful CEOs and ACs are more likely to be associated with CRM in large, risky, and financially healthy firms. This study calls for CEOs and ACs to take on a broader remit and provides original evidence of their role in CRM.

公司治理网络安全风险管理审计委员会CEO权力