Login (DCU Staff Only)
Login (DCU Staff Only)

DORAS | DCU Research Repository

Explore open access research and scholarly works from DCU

Advanced Search

Cyber-security incidents and audit quality

Rosati, Pierangelo orcid logoORCID: 0000-0002-6070-0426, Gogolin, Fabian and Lynn, Theo orcid logoORCID: 0000-0001-9284-7580 (2020) Cyber-security incidents and audit quality. European Accounting Review, 31 (3). pp. 701-728. ISSN 0963-8180

As signals of internal control weaknesses, cyber security incidents can represent significant risk factors to the quality of financial reporting. We empirically assess the audit quality implications of data breaches for a large sample of US firms. Using a difference-in-difference approach based on a matched sample of breached and non-breached firms, we find no evidence that cyber-security incidents result in a decline in audit quality. Instead, we observe positive shifts in four widely-used proxies for audit quality. We document that breached firms (i) experience a decrease in abnormal accruals, (ii) are less likely to report small profits or small earnings increases, (iii) are more likely to be issued a going concern report, and (iv) are less likely to restate their financial statements in the two years following a breach. Our results indicate that auditors effectively offset increases in audit risk through additional substantive testing and audit effort. Our evidence supports the view that auditors have increased their audit risk awareness and put in place adequate procedures to deal with the consequences of cybersecurity incidents.
Item Type:Article (Published)
Uncontrolled Keywords:Cyber Security; External Audit; Audit Quality, SEC Comment Letter.
Subjects:Business > Accounting
DCU Faculties and Centres:DCU Faculties and Schools > DCU Business School
Publisher:Taylor & Francis
Official URL:https://dx.doi.org/10.1080/09638180.2020.1856162
Copyright Information:© 2020 Taylor & Francis
Use License:This item is licensed under a Creative Commons Attribution-NonCommercial-Share Alike 3.0 License. View License
Funders:Irish Centre for Cloud Computing and Commerce, an Irish national Technology Centre funded by Enterprise Ireland and the Irish Industrial Development Authority, and by the Irish Institute of Digital Business
ID Code:25939
Deposited On:01 Jun 2021 10:31 by Pierangelo Rosati . Last Modified 15 Sep 2022 10:03

Full text available as:

[thumbnail of Rosati et al. (2020) - Cyber-security Incidents and Audit Quality - Final Version.pdf]
PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader


Downloads per month over past year

Archive Staff Only: edit this record