Description

Business enterprises can seek external audits of there IS Governance controls in order to demonstrate that they are suitably designed and operating effectively in their supportive role of mitigating risk. SSAE 16-based SOC assurances and ISO 27001 certifications are third-party validations a business can obtain to increase stakeholder’s trust on the organization’s ability to safeguard its assets and operations. This study proposes to examine the impact of these certifications on enterprise risks as perceived by external investors of publicly traded companies in the U.S. A Risk-Adjusted Marked Model is proposed to examine market valuation effects, as measured by abnormal returns, as well as systematic risk effects, as measured by pre-event and post-event beta changes. For further insight, a cross sectional analysis relating risk changes to different types of certifications and firm characteristics is also proposed.

Download

Share

COinS
 

Impact of IS Governance Certifications on Enterprise Risk

Business enterprises can seek external audits of there IS Governance controls in order to demonstrate that they are suitably designed and operating effectively in their supportive role of mitigating risk. SSAE 16-based SOC assurances and ISO 27001 certifications are third-party validations a business can obtain to increase stakeholder’s trust on the organization’s ability to safeguard its assets and operations. This study proposes to examine the impact of these certifications on enterprise risks as perceived by external investors of publicly traded companies in the U.S. A Risk-Adjusted Marked Model is proposed to examine market valuation effects, as measured by abnormal returns, as well as systematic risk effects, as measured by pre-event and post-event beta changes. For further insight, a cross sectional analysis relating risk changes to different types of certifications and firm characteristics is also proposed.