Abstract
Cybersecurity has become a challenge for companies and boards of directors. It is not only an IT topic, but a risk that extends to all of a company's operations. Indeed, cybersecurity potentially has an impact on financial reporting quality, the oversight of which is one of the duties of audit committees. Using Endsley’s model, our exploratory study seeks to determine the levels of cyber situational awareness of audit committee members, how they comply with it, and whether this appraisal matches the steps identified within the model.
References
NACD: Cyber-Risk Oversight. In: Clinton, L. (ed.) Director’s Handbook Series, National Association of Corporate Directors, Washington DC, USA (2017)
Higgs, J.L., Pinsker, R., Smith, T., Young, G.: The relationship between board-level technology committees and reported security breaches. J. Inf. Syst. 30(3), 79–98 (2016)
Rahimian, F., Bajaj, A., Bradley, W.: Estimation of deficiency risk and prioritization of information security controls: a data-centric approach. Int. J. Account. Inf. Syst. 20, 38–64 (2016)
Steinbart, P.J., Raschke, R.L., Gal, G., Dilla, W.N.: The influence of a good relationship between the internal audit and information security functions on information security outcomes. Account. Organizations Soc. 71, 15–29 (2018)
CF Disclosure Guidance: Topic No. 2 - Cybersecurity - SEC.gov (2011). https://www.sec.gov/divisions/…/guidance/cfguidance-topic2.htm
Clark, M.E., Harrell, C.: Unlike chess, everyone must continue playing after a cyber-attack. J. Investment Compliance 14(4), 5–12 (2013)
Lunn, B.: Strengthened director duties of care for cybersecurity oversight: evolving expectations of existing legal doctrine. J. Law and Cyber Warfare 4(1), 109–137 (2014)
Von Solms, B.: Towards a cyber governance maturity model for boards of directors. Int. J. Bus. Cyber Secur. (IJBCS) 1(1), 1–9 (2016)
Gendron, Y., Bédard, J., Gosselin, M.: Getting inside the black box: a field study of practices, «Effective» Audit Committees. Auditing: J. Pract. Theory, 23(1), 153–171 (2004)
KPMG, Boardroom Questions. Cybersecurity - What does it mean for the board (2017). https://home.kpmg/content/dam/kpmg/be/pdf/boardroomquestions/boardroom-questions-cyber-security-what-does-it-mean-for-the-board.pdf
Endsley, M.R.: Toward a theory of situation awareness in dynamic systems. Hum. Factors: J. Hum. Factors Ergon. Soc. 37(1), 32–64 (1995a)
Endsley, M.R.: Measurement of situation awareness in dynamic systems. Hum. Factors: J. Hum. Factors Ergon. Soc. 37(1), 65–84 (1995)
Damasio, A.: Descartes’ Error: Emotion, Reason and the Human Brain. Putnam Publishing, New York (1994)
Endsley, M.R.: Situation awareness analysis and measurement, chapter theoretical underpinnings of situation awareness. a critical review. In: Endsley, M.R., Garland, D.J. (eds.) Situation Awareness Analysis and Measurement, pp. 3–33. Lawrence Erlbaum Associates, Mahwah (2000)
Yin, R.K.: Case Study Research Design and Methods. Sage, Thousand Oaks (2014)
PwC’s Global Economic Crime and Fraud Survey (2018). https://www.pwc.com/gx/en/services/advisory/forensics/economic-crime-survey.html
Advisor, The Corporate Governance: Cybersecurity 2, 5 (2014)
Acknowledgments
We thank Marion Tellechea for research support and La Région Grand Est, Pacte Grandes Ecoles, for financial support.
Copyright information
© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Thiéry, S., Fass, D. (2020). Cybersecurity Risks and Situation Awareness: Audit Committees’ Appraisal. In: Corradini, I., Nardelli, E., Ahram, T. (eds) Advances in Human Factors in Cybersecurity. AHFE 2020. Advances in Intelligent Systems and Computing, vol 1219. Springer, Cham. https://doi.org/10.1007/978-3-030-52581-1_11
DOI: https://doi.org/10.1007/978-3-030-52581-1_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-52580-4
Online ISBN: 978-3-030-52581-1
eBook Packages: Engineering, Engineering (R0)