Risk management is critical to the success of contemporary firms and while new technologies present opportunities for innovation and growth, they present new risks. Risk management of information systems and technology (IS/IT) is particularly critical because firms in almost all sectors of the economy are so dependent on it. We explore firms' response to IS/IT risk management by analyzing their SEC-mandated regulation S-K risk disclosures. We find a lower than expected incidence of risk disclosures related to IS/IT and surmise that this result may be symptomatic of tension between firms' need to comply and their need to appear to comply with the regulation, while at the same time presenting data that are valid, but which do not jeopardize potential investment. We explore three propositions related to IS/IT risk disclosures and discuss implications for research and practice.
Clute Institute for Academic Research
Blaskovich, J., Davis, C. J., & Taylor, E. Z. (2012). Enterprise risks, rewards, and regulation. Journal of Applied Business Research, 28(4), 563-580.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.