ISSN: 2222-6990
Open access
Financial reports are important documents that stakeholders never ignore, and Information Technology (IT) is utilized throughout firms to increase operation efficiency. However, prior researches studies Information Technology Governance (ITG) that relates to cybersecurity risks, thus, this paper takes step further to reviews board level ITG literature that is relevant to Corporate Governance (CG) and discuss how it impacts on the quality of financial reports. This paper systematically presents a taxonomy of research encompassing the focus areas: performance, cybersecurity losses, more accurate earnings forecasts, lower audit fees based upon prior studies in ITG over the period 2010-2020. The main finding is that results reveal a lack of board level ITG under CG research and a lack of the relation between board level ITG and financial results. Therefore, this paper discusses research perspectives and identify avenues for future research in last part, research perspectives and future research could focus on how to improve CG based on IT and the financial consequences of CG with IT.
Andriole, S. (2009). Boards of directors and technology governance: The surprising state of the practice. Communications of the Association for Information Systems 24(1), pp. 373–394.
Bailey, T., Kaplan, J., and Rezek, C. (2014). Why senior leaders are on the front line against cyberattacks. Elevate (http://www.elevateconsult.com/why-senior-leaders-are-the-front-line-againstcyberattacks/).
Bart, C., and Turel, O. (2010). IT and the board of directors: An empirical investigation into the “governance questions” Canadian board members ask about IT. Journal of Information Systems 24(2), pp. 147–172.
Benaroch, M., and Chernobai, A. (2017). Operational IT failures, IT value destruction, and board-level IT governance changes. MIS Quarterly 41(3), pp. 729–762.
Brazel, J. F., and Agoglia, C. P. (2007). An Examination of Auditor Planning Judgements in a Complex Accounting Information System Environment. Contemporary Accounting Research 24 (4), pp. 1059–83.
Butler, R., and Butler, M. J. (2010). Beyond King III: Assigning accountability for IT governance in South African enterprises. South African Journal of Business Management 41(3), pp. 33–45.
Center for Audit Quality (CAQ). (2014). CAQ Approach to Audit Quality Indicators. Available at: http://www.thecaq.org/docs/reports-and-publications/caq-approach-to-audit-quality-indicators-april-2014.pdf?sfvrsn=2
Coertze, J., and von Solms, R. (2014). The board and CIO: The IT alignment challenge. In HICSS 2014 Proceedings.
Comptia. (2018). IT industry outlook 2018. Available at:
https://www.comptia.org/resources/it-industry-trends-analysis
Committee of Sponsoring Organizations of the Treadway Commission (COSO). 2004. Enterprise risk management—Integrated framework. Available at: https://www.coso.org/Publications/ERM/COSO_ERM_ExecutiveSummary.pdf
De Haes, S., and Van Grembergen, W. (2009). An exploratory study into IT governance implementations and its impact on business/IT alignment. Information Systems Management 26(2), pp. 123–137
De Haes, S., Van Grembergen, W., Joshi, A., and Huygh, T. (2020). Enterprise Governance of Information Technology. Third Edition.
Debreceny, R. S., and Gray, G. L. (2013). IT governance and process maturity: A multinational field study. Journal of Information Systems 27 (1), pp. 157–188.
De Haes, S., and Van Grembergen, W. (2015). Enterprise governance of information technology. Switzerland: Springer.
EI Diri, M. (2018). Introduction to Earnings Management. Springer Nature
Ernst & Young (EY). 2016. From risk averse to risk aware. Available at: https://www.ey.com/Publication/vwLUAssets/EY-From-riskaverse-to-risk-aware/$FILE/EY-From-risk-averse-to-risk-aware.PDF
Hackenbrack, K. E., Jenkins, N. T., and Pevzner, M. (2014). Relevant but delayed information in negotiated audit fees. Auditing: A Journal of Practice & Theory, 33(4), pp. 95–117
Haislip, J., and Richardson, V. (2018). The Effect of CEO IT Expertise on the Information Environment: Evidence from Earnings Forecasts and Announcements. Journal of Information Systems 32(2), pp. 71-94.
Haislip, J. Peters, G. F., and Richardson, V. J. (2016). The effect of auditor IT expertise on internal controls. International Journal of Accounting Information Systems 20, pp. 1-15.
Haislip, J., Karim, K., Lin, K. J., and Pinsker, R. (2016a). The influences of CEO IT expertise and board-level technology committees on disclosure timeliness. In proceedings of the Accounting Information Systems Midyear Meeting, Houston, TX
Haislip, J., Masli, A., Richardson, V., and Sanchez, J. M. (2016b). Repairing Organizational Legitimacy Following Information Technology (IT) Material Weaknesses: Executive Turnover, IT Expertise, and IT System Upgrades. Journal of Information Systems 30(1), pp. 41-70.
Haislip, J., Lim, J. H., and Pinsker, R. (2017). Do the Roles of the CEO and CFO Differ when it comes to Data Security Breaches? Twenty-third Americas Conference on Information Systems. Boston.
Hakim, F., and Omri, M. (2010). Quality of the external auditor, information asymmetry, and bid-ask spread. International Journal of Accounting and Information Management 18 (1), pp. 5-18.
Hall, J. A., and Liedtka, S. L. (2005). Financial Performance, CEO Compensation, and Large-Scale Information Outsourcing Decisions. Journal of Management Information Systems 22(1), pp. 193-221.
Heninger, W. G., Johnson, E. N., and Kuhn, J. R. (2018). The Association between IT Material Weaknesses and Earnings Management. Journal of information systems 32 (3), pp. 53–64.
Heroux, S., and Fortin, A. (2013). The internal audit function in information technology governance: A holistic perspective. Journal of Information Systems 27 (1), pp.189–217
Higgs, J. L., Pinsker, R. E., Smith, T. J. and Young, G. R. (2016). The relationship between board-level technology committees and reported security breaches. Journal of Information Systems 30 (3), pp. 79–98.
Holder, A., Karim, K., Lin, K. J., and Pinsker, R. (2016). Do material weaknesses in information technology-related internal controls affect firms’ 8-K filing timeliness and compliance? International Journal of Accounting Information Systems 22, pp. 26–43.
Huff, S. L., Maher, P., and Munro, M. C. (2006). Information technology and the board of directors: Is there an IT attention deficit? MIS Quarterly Executive 5 (2), pp. 55–68.
ISACA. (2018). COBIT 2019 introduction and methodology. Available at:
https://www.isaca.org/COBIT/Pages/COBIT-2019-FrameworkIntroduction-and-Methodology.aspx
ISO/IEC 38500:2015. (2015). Information Technology—Governance of IT for the organization. International Organization for Standardization. Available at:
https://www.iso.org/home.html,/std
IT Governance Institute (ITGI). (2005). Board Briefing on IT Governance. Rolling Meadows, IL: The IT Governance Institute
Jewer, J., and McKay, K. (2012). Antecedents and consequences of board IT governance: Institutional and strategic choice perspectives. Journal of the Association for Information Systems 13(7), pp. 581–617
Kappelman, L., McLean, Johnson, V., and Gerhart, N. (2014). The 2014 SIM IT key issues and trends study. MIS Quarterly Executive 13 (4), pp. 237–263.
Khalil, S., and Belitski, M. (2020). Dynamic capabilities for firm performance under the information technology governance framework. European Business Review 32(2), pp. 129-157
Kickenweiz, B., Sedlock, G., and Daum, J. H. (2016). Technology in the boardroom: Five things Directors should be thinking about. Online:
https://www.spencerstuart.com/research-and-insight/technology-in-the boardroom-five-things-directors-should-be-thinking-about.
Kuruzovich, J., Bassellier, G., and Sambamurthy, V. (2012). IT governance processes and IT alignment: Viewpoints from the board of directors. In 2012 45th Hawaii International Conference on System Sciences. pp. 5043–5052.
Kwon, J., Rees, J., and Wang, T. (2013). The association between top management involvement and compensation and information security breaches. Journal of Information Systems 27 (1), pp. 219-236
Li, C., Lim, J. H., and Wang, Q. (2007). Internal and external influences on IT control governance. International Journal of Accounting Information Systems 8 (4), pp. 225–239.
Liu, C. W., Huang, P. and Lucas, H. C. 2016. IT governance, security outsourcing, and cybersecurity breaches: Evidence from the US. Available at: https://doi.org/10.2139/ssrn.2850178
Loh, L., and Venkatraman, N. (1992). Diffusion of information technology outsourcing: Influence sources and the Kodak effect. Information Systems Research 3(4), pp. 334–358.
Luftman, J., and Kempaiah, R. (2008). Key issues for IT executives 2007. MIS Quarterly Executive 7(2), pp. 99– 112.
Messier, W. F., Eilifsen, A., and Austen, L. A. (2004). Auditor Detected Misstatements and the Effect of Information Technology. International Journal of Auditing 8, pp. 223–235.
Mohamad, S., Hendrick, M., O’Leary, C., and Best, P. (2014). Developing a model to evaluate the information technology competence of boards of directors. Corporate Ownership & Control 12(1), pp. 64–74.
Nolan, R., and McFarlan, F. (2005). Information technology and the board of directors. Harvard Business Review 83(10), pp. 96–106.
Oliver, G. R., and Walker, R. G. (2006). Reporting on software development projects to senior managers and the board. Abacus, 42(1), pp. 43–65.
Paquette, S. (2010). Discussion of ‘A capabilities-based approach to obtaining a deeper understanding of information technology governance effectiveness: Evidence from IT steering committees.’ International Journal of Accounting Information Systems 11 (3), pp. 236–238.
Paredes, A. A. P., and Wheatley, C. M. (2018). Do Enterprise Resource Planning Systems (ERPs) Constrain Real Earnings Management? Journal of information systems 32 (3), pp. 65–89
Peterson, R. R. (2004). Crafting information technology governance. Information Systems Management, 21(4), pp. 7–22.
Posthumus, S., Von Solms, R., and King, M. (2010). The board and IT governance: The what, who and how. South African Journal of Business Management 41(3), pp. 23–32.
Prasad, A., Heales, J., and Green, P. (2010). A capabilities-based approach to obtaining a deeper understanding of information technology governance effectiveness: Evidence from IT steering committees. International Journal of Accounting Information Systems 11 (3), pp. 214–232.
Premuroso, R. F., and Bhattacharya, S. (2007). Is there a relationship between firm performance, corporate governance, and a firm’s decision to form a technology committee? Corporate Governance: An International Review 15(6), pp. 1260–1276.
Price, J. B., and Lankton, N. (2018). A Framework and Guidelines for Assessing and Developing Board-Level Information Technology Committee Charters. Journal of Information Systems 32, pp. 109-129.
PricewaterhouseCoopers (PWC). ( 2006). IT Governance in Practice: Insight for Leading CIOs. New York, NY: PricewaterhouseCoopers.
Sambamurthy, V., and Zmud, R. (2012) . Guiding the Digital Transformation of Organisations. Legerity Digital Press. Available at http://www.ldpress.com.
Sambamurthy, V., and Zmud, R. W. (1999). Arrangements for information technology governance: A theory of multiple contingencies. Management Information Systems Quarterly 23 (2), pp. 261–290.
Schlosser, F., Beimborn, D., Weitzel, T., and Wagner, H. T. (2015). Achieving social alignment between business and IT—An empirical evaluation of the efficacy of IT governance mechanisms. Journal of Information Technology, 30(2), pp. 119–135.
Smith, T. J., Higgs, L. J., and Pinsker, R. E. (2019). Do Auditors Price Breach Risk in Their Audit Fees? Journal of Information Systems 33(2), pp. 177-204.
Thomas, R. J., Schrage, M., Bellin, J. B., and Marcotte, G. (2009). How boards can be better—A manifesto. MIT Sloan Management Review 50 (2), pp. 69–74.
Turel, O., and Bart, C. (2014). Board-level IT governance and organizational performance. European Journal of Information Systems 23(2), pp. 223–239.
Turel, O., Liu, P., and Bart, C. (2017). Board-level information technology governance effects on organizational performance: The roles of strategic alignment and authoritarian governance style. Information Systems Management 34(2), pp. 117–136.
Valentine, E., and Stewart, G. (2013a). Director competencies for effective enterprise technology governance. In 24th Australasian Conference on Information Systems (ACIS), pp. 1–11.
Valentine, E., and Stewart, G. (2013b). The emerging role of the board of directors in enterprise business technology governance. International Journal of Disclosure and Governance 10(4), pp. 346–362.
Valentine, E., and Stewart, G. (2015). Enterprise business technology governance: Three competencies to build board digital leadership capability. In HICSS 2015 Proceedings.
Van Grembergen, W. (2002). Introduction to the minitrack IT governance and its mechanisms. In Proceedings of the 35th Hawaii International Conference on System Sciences, edited by R. H. Sprague Jr. Big Island, HI: ICSS.
Vasarhelyi, M. A., Warren, J. D., Teeter, J. R. A., and Titera, W. R. (2014). Embracing the automated audit. Journal of Accountancy 217 (4), pp. 34–37.
Vincent, N. E., Higgs, J. L., and Pinsker, R. E. (2019). Board and Management-Level Factors Affecting the Maturity of IT Risk Management Practices. Journal of Information Systems 33(3), pp. 117-135.
Weill, P., and Ross, J. (2004). IT governance: How top performers manage IT decision rights for superior results. Harvard Business Press
Wilkin, C. L., and Chenhall, R. H. (2010). A review of IT governance: A taxonomy to inform accounting information systems. Journal of Information Systems 24(2), pp. 107–146.
Wu, S. P. J., Straub, D. W., and Liang, T. P. (2015). How information technology governance mechanisms and strategic alignment influence organizational performance: Insights from a matched survey of business and IT managers. MIS Quarterly, 39(2), pp. 497–518.
Xu, H., Guo, S., Haislip, J., and Pinsker, R. (2019). Earnings Management in Firms with Data Security Breaches. Journal of Information Systems 33 (3), pp. 267–284.
Yayla, A. A., and Hu, Q. (2014). The effect of board of directors’ IT awareness on CIO compensation and firm performance. Decision Sciences 45 (3), pp. 401–436.
Yayla, A., and Hu, Q. (2008). Determinants of CIO compensation structure and its impact on firm performance, Proceedings of the 41st annual Hawaii international conference on system sciences.
Zukis, B. (2016). Information technology and cybersecurity governance in a digital world. In The Handbook of Board Governance: A Comprehensive Guide for Public, Private, and Not for Profit Board Members, edited by R. Leblanc, 555–573. Wiley Online Library
In-Text Citation: (Lai et al., 2022)
To Cite this Article: Lai, M., Basiruddin, R., & Menshawy, I. M. (2022). A Review of Board Level IT Governance: A Taxonomy to Inform the Quality of Financial Reports. International Journal of Academic Research in Business and Social Sciences, 12(10), 1460 – 1475.
Copyright: © 2022 The Author(s)
Published by Human Resource Management Academic Research Society (www.hrmars.com)
This article is published under the Creative Commons Attribution (CC BY 4.0) license. Anyone may reproduce, distribute, translate and create derivative works of this article (for both commercial and non0-commercial purposes), subject to full attribution to the original publication and authors. The full terms of this license may be seen at: http://creativecommons.org/licences/by/4.0/legalcode