In their efforts to implement an effective IT-governance framework, many companies have acquired IS-Audit staff to provide executive management with information on IS-risks. For the purpose of effective communication, it would be helpful to understand how IS-Auditors, ISmanagement and executive management shape their perception of IS-risks, since this forms the basis for their judgement and decision making.
In this study we focus on IS-Managers’ Risk Perception. More precise we investigated the relative contribution of Probability-information and Impact-information to the Perceived Risk of 32 ISmanagers of a financial institution. We conclude that Impact is the more dominant factor determining their perceived risk. We discuss explanations and consequences of the results.
Nuijten, Arno; Zwiers, Bert; and van der Pijl, Gert, "The Effect of IS-Auditors’ Risk Information on ISManagers’ Perceived Risk" (2008). BLED 2008 Proceedings. 31.