Search results

This paper aims to analyze the effect of data breaches – whose concerns and implications can be legal, social and economic – on companies’ overall performance.

Information on data breaches was collected from online compilations, and financial data on breached companies was collected from the Mergent Online database. The financial variables used were related to profitability, liquidity, solvency and company size to analyze the financial performance of the breached companies before and after the data breach event. Nonfinancial data, such as the type and the size of the breaches, was also collected. The data was analyzed using multiple regression.

The results confirm that nonmandatory information related to announcements of data breaches is a signal of companies’ overall performance, as measured by profitability ratios, return on assets and return on equity. The study does not confirm a relationship between data breaches and stock market reaction when measuring quarterly changes in share prices.

The main limitation of the study relates to ratio and trend analyses. Such analyses are commonly used when researching accounting information. However, they do not directly reflect the companies’ conditions and realities, and they rely on companies’ released financial reports. Another limitation concerns the confounding factors. The major confounding factors around the data breaches’ dates were identified; however, this was not enough to assure that other factors were not affecting the companies’ financial performance. Because of the nature of such events, this study needs to be replicated to include specific information about the companies using case studies. Therefore, the authors recommend replicating the research to validate the article’s findings when each industry makes more announcements available.

To remediate the risks and losses associated with data breaches, companies may use their reserved funds.

Company data breach announcements signal internal deficiencies. Therefore, the affected companies become liable to their employees, customers and investors.

The paper contributes to both theory and practice in the areas of accounting finance, and information management.

This article investigates the business performance of a sample of companies announcing outsourcing contracts. Performance effects are investigated by measures including operating profit, earnings margin, return on shareholders’ capital, reduction in employment cost and research and development expenditure prior to and subsequent to the outsourcing announcement. The conclusion is that outsourcing companies’ profitability and liquidity decrease in years in which outsourcing announcements occur, and tend to increase in the subsequent year. Also, it is possible that the short‐term and long‐term financial structure of outsourcing companies is altered.

Discusses the treatment of outsourcing in company accounts. In particular, it considers the application of several accounting standards that may be relevant to the presentation of outsourcing agreements in the financial statements. The way in which these principles are implemented in the relevant financial statements, with respect to outsourcing between 1991 and 1997, is the main focus of the paper. In practice, accountants, in the majority of the cases, consider outsourcing contracts as immaterial contracts and, generally, they do not include any note of the outsourcing contracts in the financial statements. This implies that accountants (auditors) consider each outsourcing contract as an individual contract without taking into consideration its aggregate effects. Finally, the degree to which FRS 12 raises issues with respect to the outsourcing agreements is considered in this paper and their presentation in accounts is considered.

This study explores the link between ISO 9001 certification, personal data protection and firm performance using financial balance sheet and survey data. The security aspect of data protection is analyzed based on the major requirements of the General Data Protection Regulation and mapped to the relevant controls of the ISO/IEC 27001/27002 standards.

The research analysis is based on 96 ISO 9001–certified and non-certified publicly traded manufacturing and service firms that responded to a structured questionnaire. The authors develop and empirically test their theoretical model using the structural equation modeling technique and follow a difference-in-differences econometric modeling approach to estimate financial performance differences between certified and non-certified firms accounting for the level of data protection.

The estimates indicate three core dimensions in the areas of “policies, procedures and responsibilities,” “access control management” and “risk-reduction techniques” as desirable components in establishing the concept of data security. The estimates also suggest that the data protection level has significantly impacted the performance of certified firms relative to the non-certified. Controlling for the effect of industry-level factors reveals a positive relationship between data security and high-technological intensity.

The results imply that improving the level of compliance to data protection enhances the link between certification and firm performance.

This study fills a gap in the literature by empirically testing the influence of data protection on the relationship between quality certification and firm performance.