IT internal control weaknesses and firm performance: An organizational liability lens

The information systems literature and the public press have called for organizations to more closely scrutinize their information technology (IT) controls; however, little more than anecdotal evidence exists on the business value of quality IT internal control, beyond regulatory compliance. In this paper, we (a) advance an organizational liability perspective to the question of IT internal control value; and (b) use the unique setting provided by the enactment of the Sarbanes–Oxley Act of 2002 (SOX) to investigate the relationship between IT internal control weaknesses (ICWs) and both accounting earnings (a contemporaneous measure of firm performance) and market value (a forward looking, risk-adjusted measure of firm performance). Using a data set that provides audited annual assessments of the effectiveness of both IT and non-IT internal controls for a cross-section of companies as mandated by SOX, we find that firms that report an IT ICW have lower accounting earnings compared to firms with strong IT internal controls. We also find that IT ICW moderates the association between accounting earnings and market valuation, with firms reporting weak IT internal controls having a lower earnings multiple. These results are sustained even after controlling for non-IT ICWs and firm-specific factors that are known determinants of ICWs, and are reinforced using an inter-temporal changes analysis in which we use each firm as its own control at a different point in time. Overall, our results provide empirical evidence which suggests that IT internal controls are a strategic necessity and that information systems risk is priced by the capital markets. The implications of these findings for theory and practice are discussed.     

Measuring the performance of IT services: An assessment of SERVQUAL

As many organisations search for ways to compete more effectively in today's ever-growing markets, information technology (IT) has become quite critical in organisational control due to the enormous size of its expenditure. As a result, managers have faced growing pressure to measure the performance of IT departments. However, the applicability of traditional performance measures in an IT setting is at best questionable and, thus, there is an urgent need for alternative measurement systems. One such measure is service quality as perceived by customers of IT service. This study develops a conceptual “gaps model” of IT service quality, which identifies seven gaps between customers and suppliers of IT service. Furthermore, the study examines the applicability of SERVQUAL, perhaps the most popular standardised survey instrument designed to measure service quality, as the measure of IT service quality.     

How executives can shape their company's information systems.

When a big New York bank expanded in London, technical specialists in the two cities disagreed about which vendor's information system was best. The debate continued for several months until finally the technical experts took the issue to a senior-management policy committee. But the senior managers didn't understand the terminology and kept postponing the decision. Meanwhile, the London office complained loudly that the slowdown was threatening the unit's growth. Like the bank, most companies need a new approach to making decisions about information technology (IT), especially since it now affects so many aspects of the business. The company's technical experts seldom understand the overall business, and the senior managers who understand the business are usually lost when it comes to computers. One way to blend both perspectives is to establish a task force that solicits input from top management and creates a set of principles to guide subsequent investments in information technology. By drawing on 10 to 15 statements that reflect management's basic beliefs about how the company should use IT, the task force translates the language of corporate strategy into computerese. For instance, an electronics company wanted various functions to act more like one company. It created a principle that said, "Information systems will provide application that support cross-functional integration of business processes." Managers making subsequent decisions about computers could immediately rule out any technologies that contradicted that statement. Principles thus speed up the decision-making process, but more important, they ensure that every investment in IT helps the corporation achieve its strategic goals.     

Key performance indicators as supplements to earnings: Incremental informativeness,demand factors,measurement issues,and properties of their forecasts

The documented decline in the information content of earnings numbers has paralleled the emergence of disclosures, mostly voluntary, of industry-specific key performance indicators (KPIs). We find that the incremental information content conveyed by KPI news is significant for many KPIs yet diminished when details about the computation of the KPI are absent or when the computation changes over time. Consistent with analysts responding to investor information demand, we find that analysts are more likely to produce forecasts for a KPI when that KPI has more information content and when earnings are less informative. We also analyze the properties of analysts’ KPI forecasts and find that KPI forecasts are more accurate than mechanical forecasts and their accuracy exceeds that of earnings forecasts. Our study contributes to the literature on the information content of KPIs as well as research on the properties of analysts’ forecasts. We provide evidence on whether and how to regulate voluntary disclosures.

     

The Information Technology Payoff: Implications For Investment Appraisal

Substantial business resources are being dedicated to information technology (IT) but little is known about the effects of these investments on the performance of firms. This paper reports the results of a study of 33 manufacturing firms' investments in IT and their subsequent performance. The study analysed six years' data collected from three senior officers of each firm. Three types of IT investment were studied: strategic, informational and transactional. While firms which invested heavily in transactional IT were consistently better performers, this effect was not apparent with the other types of IT. These results have policy implications for the methods used to appraise future IT investments. Standard discounted cashflow methods are not suited to all types of IT investments. This article suggests different approaches to IT appraisal for different types of IT investment.     

The impact of technology-motivated M&A and joint ventures on the value of IT and non-IT firms: a new examination

We extend Lee and Lim (Rev Quant Financ Account 27:111–123, 2006) who provide empirical evidence on the impact of mergers and acquisitions (M&As) and joint ventures on the value of information technology (IT) and non-IT firms. Using technology-motivated transactions, we examine whether there are differences in market response to the announcement of M&As and joint ventures, and we consider the long-term performance of such firms. We find the market provides no (positive) reaction to joint ventures (M&As) at the announcement. We also present new evidence suggesting the market reacts more favorably to the announcement of technology M&As relative to joint ventures for our full sample, IT sample and non-IT sample. However, our examination of these firms’ long-term performance suggests the initial reaction is not fully supported. The findings suggest improved (declining) operating performance for joint venture (M&A) firms, and evidence to conclude joint venture firms achieve superior long-term performance changes for both accrual- and cash-based measures. To explain these inconsistencies, we employ a set of control variables previously documented as determinants of the innovation ownership decision. For joint venture firms, we find that, while the market fails to consider the importance of the firms’ R&D intensity and growth prospects in its initial reaction, these are ultimately key indicators of their future performance. The evidence also suggests the market overreacts to M&A announcements because it over-weights the impact of R&D intensity on the firms’ future performance in its initial response.     

Does IT investment improve bank performance? Evidence from Europe

This paper investigates whether investment in information technology (IT) – hardware, software and other IT services – influences the performance of banks. Using a sample of 737 European banks over the period 1995–2000 we analyse whether IT investment is reflected in improved performance (measured using both standard accounting ratios and cost and alternative profit efficiency measures). Despite banks being major investors in IT we find little relationship between total IT investment and improved bank profitability or efficiency indicating the existence of a profitability paradox. However, the impact of different types of IT investment (hardware, software and services) on banks’ performance is heterogeneous. Investment in IT services from external providers (consulting services, implementation services, training and education, support services) appears to have a positive influence on accounting profits and profit efficiency, while the acquisition of hardware and software seems to reduce banks’ performance.     

Corporate Insurance as a Necessary Form of Consultant–Investigator Contract

Existing literature argues that corporate insurance is purchased because the insurance company produces risk management information for publicly held corporations. In this article, we address a fundamental question as to why other financial intermediaries cannot perform the same information production function as the insurance company. We argue that when the risk manager of the firm performs multiple tasks and needs consulting and investigation services from an outside agent for efficient risk management, the optimal contract with the agent has to be in the form of an insurance contract. Other types of contracts, such as flat-fee contracts, cannot be optimal. Therefore, the insurance company is ideally suited to provides these services.     

The impact of information technology on performance in the not-for-profit sector

The relation between IT usage and performance has been a central question in the AIS literature since the late 1990s. Empirical research has not yet examined whether organizational-level differences in how IT is used are associated with performance, nor whether the lagged performance effects found in for-profit settings carry over to a not-for-profit setting. Spending on information technology (IT) in K-12 schools has grown significantly in the U.S. over the past decade and performance in this sector has significant spillover effects in other sectors. This study examines the effects on performance of a change in how IT is used on a continuum from an automation role to an informating/transforming approach. A sample of over 6300 organizations (schools) having over 700,000 students in grades 3, 8 and 11 is examined. Both short-term (year-over-year) and longer-term (four-year) performance effects are investigated. We find that a change in how IT is used is associated with an increase in performance in two of the three school levels, and that these mean effects are comparable in magnitude to those found for IT spending in for-profit settings. These effects only become positive after four years, and vary across school level. This is the first study to provide large sample evidence of the performance effect of a change in how IT is used at the organizational level. This has significant implications for research investigating the effects of investments in IT on organizational performance and for stakeholders including policy makers, managers, legislators and taxpayers.     

Business Alignment: Versicherungsfachwissen als Kernkompetenz der IT

Information technology (IT) of insurance companies refers to the variety of organizational units that are in charge of development, implementation and operation of the specific entrepreneurial IT-applications. Our analyses follow the notion that nowadays information technologies departments face increasing cost pressure and the modern reflex of introducing outsourcing-and offshoring-measures does not necessarily lead to cost reductions. Therefore a closer cooperation of IT departments and other organizational units is crucial and strengthens the improvement of competitiveness of the entire insurance company. Furthermore a method leading to a gradual Business Alignment of IT departments within insurance companies will be introduced.     

Integrated performance management using information technology: a study of UK charities

This paper explores how UK charities use information technology (IT) to support integrated performance management (IPM). Based on six case studies of small and medium-sized charities (SMCs), it finds that SMCs see IT as important for IPM, but face significant barriers establishing effective IPM. The paper concludes that charities would benefit from a more strategic infrastructure approach to IT, integrating IT for data, information and knowledge.     

Explaining the choice of accounting standards in municipal corporations: Positive accounting theory and institutional theory as competitive or concurrent theories

Municipal corporations exist in an institutional twilight area, being both private and public, a characteristic, which presumably would be reflected in their choice of accounting standards. The literature of accounting choice does not, however, live in a twilight area, but is fragmented into two main divisions: positive accounting theory (PAT) and institutional theory (IT); only in a very few cases do the theories meet or cross-fertilize. We use both theories in this paper and derive hypotheses from them to explain accounting choices made by municipal corporations. Through testing the hypotheses on a sample of 545 Swedish municipal corporations, we indicate the empirical relevance of both PAT and IT. We conclude by suggesting an integrative approach of PAT and IT in an eclectic alternative.     

Getting IT right

Modern information technology started four decades ago, yet in most major corporations, IT remains an expensive mess. This is partly because the relatively young and rapidly evolving practice of IT continues to be either grossly misunderstood or blindly ignored by top management. Senior managers know how to talk about finances because they all speak or understand the language of profit and loss and balance sheets. But when they allow themselves to be befuddled by IT discussions or bedazzled by three-letter acronyms, they shirk a critical responsibility. In this article, the authors say a systematic approach to understanding and executing IT can and should be implemented, and it should be organized along three interconnected principles: A Long-Term IT Renewal Plan Linked to Corporate Strategy. Such a plan focuses the entire IT group on the company's over-arching goals during a multiyear period, makes appropriate investments directed toward cutting costs in the near term, and generates a detailed blueprint for long-term systems rejuvenation and value creation. A Simplified, Unifying Corporate Technology Platform. Instead of relying on vertically oriented data silos that serve individual corporate units (HR, accounting, and so on), companies adopt a clean, horizontally oriented architecture designed to serve the whole organization. A Highly Functional, Performance-Oriented IT Organization. Instead of functioning as if it were different from the rest of the firm or as a loose confederation of tribes, the IT department works as a team and operates according to corporate performance standards. Getting IT right demands the same inspired leadership and superb execution that other parts of the business require. By sticking to the three central principles outlined in this article, companies can turn IT from a quagmire into a powerful weapon.     

Accounting quality,bank monitoring,and performance pricing loans

We provide new evidence on the determinants of performance pricing provisions in bank loan contracts. We find that firms that are easier to monitor, such as those with better accounting quality, lower information opacity, or a stronger relationship with the lender are more likely to have performance pricing loans. The use of performance pricing is less likely after financial restatement events. Furthermore, we find that the likelihood of using accounting-based (as opposed to credit-rating-based) pricing provisions increases as the firm’s accounting quality increases, and as the strength of the prior lending relation increases. Our results are robust to alternative measures of accounting quality, information opacity, and bank monitoring, and suggest that monitoring costs have a significant impact on the design of debt contracts.     

Managing for Value 2.0

In Finance 101, future corporate managers are taught that the social mission of public companies is to maximize their own longrun (or “intrinsic”) value by investing in all positive net present value (NPV) projects—that is, projects that are expected to earn at least their opportunity cost of capital. In markets that are reasonably efficient, provided management does an effective job of communicating its business plan and its progress in meeting its strategic goals, companies that follow this “NPV rule” can expect to be rewarded with increases in their share prices, at least in the longer run. But in the real world, of course, the pursuit of earnings and other “key performance indicators” (KPIs) often leads to managerial shortsightedness and destruction of value. To explain why—and to help companies avoid this outcome—this article presents an approach that envisions the intrinsic value of the company as an invisible “blue line” that moves through time on a graph, while showing observable key performance indicators, including revenue and earnings (and even the current stock price), as “red lines” on the same graph. The root of the problem is the failure of many companies to distinguish between their KPIs and the underlying drivers of value. KPIs, to be sure, are reflections of important aspects of the business; but however important and useful for strategic planning, they should not be used in performance evaluation or compensation plans for top management as surrogates for the underlying value of the business. Genuine value creation requires systems and a corporate culture that compel managers to pursue all projects that promise to earn the opportunity cost of capital—while treating earnings and other KPIs as means to creating value rather than ends in themselves.     

An analysis of attributes that impact information technology audit quality: A study of IT and financial audit practitioners

The importance of information technology (IT) auditing has grown with increased reliance on IT for business operations and new regulations regarding the assurance of IT for these operations. Prior work on IT and financial auditing has suggested several general frameworks that may affect IT audit quality; however, the prior work has not provided measurable constructs nor has it considered whether these proposed constructs are the same or different. Building on prior work that has proposed frameworks of IT audit quality, we identify and evaluate potential constructs suggested by these frameworks as well as financial auditing literature. We develop a survey tool and ask IT and financial accounting practitioners to assess the impact of these items on IT audit quality. A factor analysis is used to refine the set of IT audit quality factors identified, and we are able to provide insight into the prioritized impact of each factor on IT audit quality. In comparison to prior research, we find that additional factors are significant for IT audit quality and that the relative importance of the factors for IT audit quality differs for IT versus financial auditors.     

Investing in the UN Sustainable Development Goals: Opportunities for Companies and Investors

The UN's Sustainable Development Goals (SDGs) are a set of ambitious targets for making the world a better place. For both companies and their investors, the pursuit of SDGs offers a “path to value” while addressing social problems—but a path that presents significant risks as well as opportunities. To prepare themselves for the SDGs, companies and investors will have to take a number of steps: (1) determine the extent of their exposures to those SDGs that are most relevant to their businesses or investment approaches; (2) set specific goals for contributing to the most relevant and material SDGs, which means among other things reflecting such goals in incentives through the use of carefully designed metrics, or key performance indicators (KPIs); and (3) establish a system for measuring and reporting on contributions to the SDGs. For investors, it is important to recognize that not all SDGs are equally investable and that reporting on key SDG performance indicators is still too new and uneven to rely on for investment purposes. To overcome this problem, the author's firm has developed a tagging approach that alerts investors to companies' main SDG exposures. As better data becomes available, the metrics and reporting will improve. Although companies are increasingly referring to the SDGs in their investor communications, corporate discussion of targets and KPIs on the SDGs is rare. But reporting of such KPIs is likely to become the norm as investors begin to expect companies to report on their progress on achieving their goals. The author offers a number of hypothetical KPIs for SDGs while providing several examples of pioneering companies.     

In search of a rational foundation for the massive IT boom in the Australian banking industry: Can the IT boom really drive relationship banking?

Information technology (IT) is meant to improve bank performance by lowering operational costs and improving the process of financial intermediation of banks. However, the empirical evidence has failed to reach a consensus on the precise effects of IT on bank performance as some find evidence to concur with the Solow Paradox, while others contradict this paradox. The heterogeneity in the quality of banking services is partly responsible for the inconsistency in the findings. To sidestep the issue of heterogeneity, we consider the top-tier Australian banks for which the quality of banking services is homogeneous. Applying the dynamic panel data methodology, i.e., panel autoregressive distributed lag (panel ARDL) and cross-sectionally augmented panel ARDL (CS-ARDL) models, we investigate the effect of IT on the cost and profit efficiency frontiers of the top-tier Australian banks during 2000–2019. We unequivocally establish that the frontiers of bank profits rise due to the adoption and diffusion of IT investment, contradicting the assumed failure of IT to adequately collect soft information in the banking industry. Furthermore, we find that the cost frontiers have risen, driven by the IT boom. Hence, there is evidence that despite increases in operational inefficiency, IT has shifted the profit frontiers up by enhancing relationship banking in Australia.     

Critical Factors Affecting the Evaluation of Information Control Systems with the COBIT Framework

This paper empirically investigates the factors affecting auditors in evaluating information technology (IT) control structures by employing the COBIT framework, a popular IT internal control with integrated platform, and examines the relationship between monitoring function and other COBIT dimensions. The results of our empirical analysis indicate that key factors of IT governance endorsed by certified public accountants (CPAs) in Taiwan match fairly well with those prescribed in the COBIT framework. CPAs can utilize COBIT as a guideline for developing their approach to internal control structure and further limiting their audit liabilities.     

Information technology and the board of directors

Ever since the Y2K scare, boards have grown increasingly nervous about corporate dependence on information technology. Since then, computer crashes, denial of service attacks, competitive pressures, and the need to automate compliance with government regulations have heightened board sensitivity to IT risk. Unfortunately, most boards remain largely in the dark when it comes to IT spending and strategy, despite the fact that corporate information assets can account for more than 50% of capital spending. A lack of board oversight for IT activities is dangerous, the authors say. It puts firms at risk in the same way that failing to audit their books would. Companies that have established board-level IT governance committees are better able to control IT project costs and carve out competitive advantage. But there is no one-size-fits-all model for board supervision of a company's IT operations. The correct approach depends on what strategic "mode" a company is in whether its operations are extremely dependent on IT or not, and whether or not it relies heavily on keeping up with the latest technologies. This article spells out the conditions under which boards need to change their level of involvement in IT decisions, explaining how members can recognize their firms' IT risks and decide whether they should pursue more aggressive IT governance. The authors delineate what an IT governance committee should look like in terms of charter, membership, duties, and overall agenda. They also offer recommendations for developing IT policies that take into account an organization's operational and strategic needs and suggest what to do when those needs change. Given the dizzying pace of change in the world of IT, boards can't afford to ignore the state of their IT systems and capabilities. Appropriate board governance can go a long way toward helping a company avoid unnecessary risk and improve its competitive position.