Sylvie Héroux scite author profile

The internal audit function's (IAF) role has evolved from traditional (accounting and financial control) to more strategic (governance). The business environment has changed as well, and nowadays relies considerably on information technology (IT). Only a few studies have investigated IT governance from a holistic perspective. Further, no study has closely examined IAF involvement in IT governance as a whole. This study uses a holistic approach to describe IAF involvement in IT governance and to explore the influence of IAF characteristics on this involvement. Survey results indicate that IAF involvement in IT governance structures, processes, and relational capabilities has not fully expanded. Also, IAF resources and IT audit experience, IT personnel and IT training/certification, and interaction between the IAF and board of directors committees influence IAF involvement in overall IT governance. These IAF characteristics influence each dimension of IAF involvement in IT governance differently. The overall results should be useful to internal auditors, senior executives, and board members seeking to enhance, assess, or make changes to their organization's IT governance.

show abstract

Cybersecurity Disclosure by the Companies on the S&P/TSX 60 Index

Héroux

Fortin

2020

Accounting Perspectives

View full text Add to dashboard Cite

Cybersecurity has become a topic of great interest since 2010. Accounting issues surrounding cybersecurity governance, management, and disclosure have gained attention from accounting standard setters, large accounting firms, and professional associations, but only a limited number of studies have looked at cybersecurity disclosure. In this study, we examine whether the content of cybersecurity disclosures of Canadian firms comprising the S&P/TSX 60 index is aligned with best practices—that is, financial regulators' guidelines in that matter. A content analysis was performed of documents issued between January 2017 and mid‐2018, consisting of recent annual information forms (AIFs), annual and quarterly management's discussion and analysis (MD&As), proxy circulars, material change reports, and news releases. To assess the nature and extent of cybersecurity disclosure, we developed a scoring grid featuring 40 items based on financial regulators' guidelines. Results show that cybersecurity disclosure levels are low. Companies vary widely in the amount of detail they provide, and the information is often not company‐specific. The variations among industrial sectors involve the categories related to cybersecurity risk, cybersecurity risk mitigation, and other items. Most of the companies provided cybersecurity disclosures in the annual MD&A, and several reiterated some disclosure items in the AIF and proxy circular. The results of this study highlight some areas where cybersecurity disclosures have evolved and others where they could be improved. They suggest that some firms strive to avoid boilerplate language and be more company‐specific. The findings also suggest that financial regulators could issue more stringent requirements.

show abstract

Exploring the Influence of Executive Management Diversity on IT Governance

Héroux

Fortin

2017

JISTEM

View full text Add to dashboard Cite

As all organizations are attaching more strategic importance to information technology (IT), IT governance has gained researchers' interest. In fact, a large body of literature focuses on firm-specific or executive management attributes such as leadership as determinants of IT governance. However, it is still relevant to identify other factors influencing IT governance. Since executive management demographics and demographic diversity have an impact on strategic decisions, we explore the influence of executive management diversity on IT governance. Results suggest that IT governance for a high educationalhigh tenure diversity profile differs significantly from that for a low industry-moderate tenure diversity profile and a high industry-low tenure diversity profile. Furthermore, IT governance structures differ according to executive management diversity profile more than IT governance processes and relational mechanisms.

show abstract

Exploring IT Dependence and IT Governance

Héroux

Fortin

2014

Information Systems Management

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Sylvie Héroux

The moderating role of IT-business alignment in the relationship between IT governance, IT competence, and innovation

The Internal Audit Function in Information Technology Governance: A Holistic Perspective

Cybersecurity Disclosure by the Companies on the S&P/TSX 60 Index

Exploring the Influence of Executive Management Diversity on IT Governance

Exploring IT Dependence and IT Governance

Contact Info

Product

Resources

About