Model
Digital Document
Publisher
Florida Atlantic University
Description
In December 2009, the Securities Exchange Commission (SEC) approved enhanced proxy disclosure rules requiring companies to disclose the board’s leadership
structure and the board’s role in risk oversight. Apart from general business risks, boards
are increasingly interested in Information Technology (IT) risks as it affects all aspects of
the organization (PricewaterhouseCoopers [PwC], 2013). Since the effectiveness of IT
risk management depends on senior managers’ actions, this dissertation attempts to
answer the question of whether the maturity of IT risk management practices (the extent
to which management performs particular activities to identify, assess, monitor and
respond to IT-related risks) in organizations depends on the Chief Information Office
(CIO) reporting structure and the board’s leadership structure.
structure and the board’s role in risk oversight. Apart from general business risks, boards
are increasingly interested in Information Technology (IT) risks as it affects all aspects of
the organization (PricewaterhouseCoopers [PwC], 2013). Since the effectiveness of IT
risk management depends on senior managers’ actions, this dissertation attempts to
answer the question of whether the maturity of IT risk management practices (the extent
to which management performs particular activities to identify, assess, monitor and
respond to IT-related risks) in organizations depends on the Chief Information Office
(CIO) reporting structure and the board’s leadership structure.
Member of