Search results

1 – 10 of over 62000
Article
Publication date: 21 November 2008

Juan L. Gandía

The purpose of this paper is to analyse the corporate governance information disclosed by Spanish listed companies on the internet, with the objective of assessing the…

2877

Abstract

Purpose

The purpose of this paper is to analyse the corporate governance information disclosed by Spanish listed companies on the internet, with the objective of assessing the extent and the influence of several corporate characteristics on the level of information voluntarily disclosed.

Design/methodology/approach

The study took as its reference the existing literature on the examination of the quality of web sites and the importance of content as a key variable in determining web site quality. To quantify the corporate governance information disclosed by Spanish listed companies, three transparency indexes were designed. To contrast which variables determine the information provided online, the investigation based itself on studies about voluntary disclosure in companies, and three lineal regressions models and an ANOVA analysis were performed.

Findings

The empirical evidence obtained reveals that the firms that score highest for transparency are also those that are most likely to use the internet as a channel for the disclosure of corporate governance information. The results show that disclosure levels depend on the degree to which firms are followed by analysts, their listing age, their “visibility” and the fact of belonging to the communications and information services industry.

Practical implications

The need for this study was clear in view of the increasing interest shown by supervisory authorities for the oversight of the European and US capital markets in regulating not only the content but also the manner in which corporate governance information is disclosed over the internet. During the coming years, regulatory stock market agencies will have to strive to take advantage of the opportunities that the internet offers to increase both the relational and informational capacity of company web sites.

Originality/value

Corporate governance research has focused mainly on the analysis of the information that firms ought to disclose and the effects of disclosure generally, without considering the media involved. This paper suggests a new approach that examines the relevance of technology, particularly the internet, and orients supervisory authorities in the direction to follow for improving corporate governance transparency in listed companies.

Details

Online Information Review, vol. 32 no. 6
Type: Research Article
ISSN: 1468-4527

Keywords

Article
Publication date: 5 March 2018

Emily M. Coyne, Joshua G. Coyne and Kenton B. Walker

Big Data has become increasingly important to multiple facets of the accounting profession, but accountants have little understanding of the steps necessary to convert Big…

4756

Abstract

Purpose

Big Data has become increasingly important to multiple facets of the accounting profession, but accountants have little understanding of the steps necessary to convert Big Data into useful information. This limited understanding creates a gap between what accountants can do and what accountants should do to assist in Big Data information governance. The study aims to bridge this gap in two ways.

Design/methodology/approach

First, the study introduces a model of the Big Data life cycle to explain the process of converting Big Data into information. Knowledge of this life cycle is a first step toward enabling accountants to engage in Big Data information governance. Second, it highlights informational and control risks inherent to this life cycle, and identifies information governance activities and agents that can minimize these risks.

Findings

Because accountants have a strong ability to identify the informational and control needs of internal and external decision-makers, they should play a significant role in Big Data information governance.

Originality/value

This model of the Big Data life cycle and information governance provides a first attempt to formalize knowledge that accountants need in a new field of the accounting profession.

Details

International Journal of Accounting & Information Management, vol. 26 no. 1
Type: Research Article
ISSN: 1834-7649

Keywords

Article
Publication date: 15 January 2019

Paul Anthony Mullon and Mpho Ngoepe

As an emerging discipline, information governance (IG) presents a number of challenges to organisations and countries. For example, IG has not yet been clearly defined and…

1370

Abstract

Purpose

As an emerging discipline, information governance (IG) presents a number of challenges to organisations and countries. For example, IG has not yet been clearly defined and current proponents present the concepts as records management, information management, enterprise content management, privacy (data protection), freedom of information, corporate governance, information risk, information security and e-discovery, to mention just a few areas. At an organisational level, initiatives focus on one of these aspects, often conflicting with the other elements, and are initiated because of some immediate business challenge, such as the introduction of the Protection of Personal Information Act (data protection or privacy legislation) in South Africa. This is compounded by the fact that the country creates many fragmented policies and pieces of legislation on the same IG aspects which are conducted in a disjointed manner. This study aims to present an integrated IG framework at the country level, comprising key success factors, required instruments (policy and legislation), principles and a proposed list of elements or disciplines, which should be managed in a cohesive manner.

Design/methodology/approach

This study adopted the Information Governance Initiative’s pinwheel facets of IG to design an integrated framework of elevating IG to country level. The pinwheel helped to identify different facets of information disciplines and the responsible oversight mechanism for implementation in South Africa. The study relied on data obtained through content analysis of policy documents, legislative frameworks, and literature review regarding the identified facets of IG in South Africa.

Findings

The study established that only some aspects/domains/facets of IG are legislated and driven by policy in South Africa. These domains are at different levels of maturity and different stakeholder groups are responsible for each domain; for instance, the National Archives of South Africa is responsible for records management and the State Information Technology Agency is responsible for information technology, while the newly established Information Regulator is responsible for freedom of information and data privacy. There is generally no over-arching structure responsible for overall IG in South Africa as the elements are fragmented in various oversight mechanisms and institutions. As a result, domains compete for limited resources and often lead to “knee-jerk” responses to legislative, legal or risk drivers.

Research limitations/implications

It is concluded that if IG is not regulated and modelled at a country level, it is highly unlikely to filter down to organisations. Implementing IG at country level will go a long way in helping to filter it down to an organisation level.

Originality/value

The study is useful by presenting a framework to ensure that IG is implemented at the country level with a single coordinating body established for oversight mechanisms such as the Information Regulator (which currently has a narrow scope of privacy and freedom of information, although with limited resources).

Details

Records Management Journal, vol. 29 no. 1/2
Type: Research Article
ISSN: 0956-5698

Keywords

Article
Publication date: 24 April 2020

Victoria L. Lemieux, Chris Rowell, Marc-David L. Seidel and Carson C. Woo

Distributed trust technologies, such as blockchain, propose to permit peer-to-peer transactions without trusted third parties. Yet not all implementations of such…

1088

Abstract

Purpose

Distributed trust technologies, such as blockchain, propose to permit peer-to-peer transactions without trusted third parties. Yet not all implementations of such technologies fully decentralize. Information professionals make strategic choices about the level of decentralization when implementing such solutions, and many organizations are taking a hybrid (i.e. partially decentralized) approach to the implementation of distributed trust technologies. This paper conjectures that while hybrid approaches may resolve some challenges of decentralizing information governance, they also introduce others. To better understand these challenges, this paper aims first to elaborate a framework that conceptualizes a centralized–decentralized information governance continuum along three distinct dimensions: custody, ownership and right to access data. This paper then applies this framework to two illustrative blockchain case studies – a pilot Brazilian land transfer recording solution and a Canadian health data consent sharing project – to exemplify how the current transition state of blockchain pilots straddles both the old (centralized) and new (decentralized) worlds. Finally, this paper outlines the novel challenges that hybrid approaches introduce for information governance and what information professionals should do to navigate this thorny transition period. Counterintuitively, it may be much better for information professionals to embrace decentralization when implementing distributed trust technologies, as hybrid models could offer the worst of both the centralized and future decentralized worlds when consideration is given to the balance between information governance risks and new strategic business opportunities.

Design/methodology/approach

This paper illustrates how blockchain is transforming organizations and societies by highlighting new strategic information governance challenges using our original analytic framework in two detailed blockchain case studies – a pilot solution in Brazil to record land transfers (Flores et al., 2018) and another in Canada to handle health data sharing consent (Hofman et al., 2018). The two case studies represent research output of the first phase of an ongoing multidisciplinary research project focused on gaining an understanding of how blockchain technology generates organizational, societal and data transformations and challenges. The analytic framework was developed inductively from a thematic synthesis of the findings of the case studies conducted under the auspices of this research project. Each case discussed in detail in this paper was chosen from among the project's case studies, as it represents a desire to move away from the old centralized world of information governance to a new decentralized one. However, each case study also represents and embodies a transition state between the old and new worlds and highlights many of the associated strategic information governance challenges.

Findings

Decentralization continues to disrupt organizations and societies. New emerging distributed trust technologies such as blockchain break the old rules with respect to the trust and authority structures of organizations and how records and data are created, managed and used. While governments and businesses around the world clearly see value in this technology to drive business efficiency, open up new market opportunities and create new forms of value, these advantages will not come without challenges. For information executives then, the question is not if they will be disrupted, but how. Understanding the how as will be discussed in this paper provides the business know how to leverage the incredible innovation and transformation that decentralized trust technology enables before being leapfrogged by another organization. It requires a change of mindset to consider an organization as one part of a broader ecosystem, and for those who successfully do so, this paper views this as a strategic opportunity for those responsible for strategic information governance to design the future instead of being disrupted by it.

Research limitations/implications

This paper presents a novel analytic framework for strategic information governance challenges as we transition from a traditional world of centralized records and information management to a new decentralized world. This paper analyzes these transitions and their implications for strategic information governance along three trajectories: custody, ownership and right to access records and data, illustrating with reference to our case studies.

Practical implications

This paper predicts a large number of organizations will miss the opportunities of the new decentralized trust world, resulting in a rather major churning of organizations, as those who successfully participate in building the new model will outcompete those stuck in the old world or the extremely problematic hybrid transition state. Counterintuitively, this paper argues that it may be much less complex for information executives to embrace decentralization as fast as they can, as in some ways the hybrid model seems to offer the worst of both the centralized and future decentralized worlds with respect to information governance risks.

Social implications

This paper anticipates broader societal consequences of the predicted organization churn, in particular with respect to uncertainty about the evidence that records provide for public accountability and contractual rights and entitlements.

Originality/value

Decentralized trust technologies, such as blockchain, permit peer-to-peer transactions without trusted third parties. Of course, such radical shifts do not happen overnight. The current transition state of blockchain pilots straddles both the old and new worlds. This paper presents a theoretical framework categorizing strategic information governance challenges on a spectrum of centralized to decentralized in three primary areas: custody, ownership and right to access records and data. To illustrate how decentralized trust is transforming organizations and societies, this paper presents these strategic information governance challenges in two blockchain case studies – a pilot Brazilian land transfer recording solution and a Canadian health data consent sharing project. Drawing on the theoretical framework and case studies, this paper outlines what information executives should do to navigate this thorny transition period.

Details

Records Management Journal, vol. 30 no. 3
Type: Research Article
ISSN: 0956-5698

Keywords

Article
Publication date: 25 November 2013

Juerg Hagmann

This paper aims to discuss the still immature concept of information governance (IG) from a records and information management (RIM) perspective and attempts to identify

6013

Abstract

Purpose

This paper aims to discuss the still immature concept of information governance (IG) from a records and information management (RIM) perspective and attempts to identify some critical aspects, essential elements and challenges, drawing on lessons learned from corporate experience in a global setup.

Design/methodology/approach

After a critical consideration of the notion “information governance” the paper reports some issues which turned out to be major barriers to success during IG implementation within a given organisation.

Findings

Practical experience highlights the importance of carefully scoping IG frameworks in larger organisations; in particular, balancing the representation of all relevant stakeholders (especially lines of business) and targeting investment in initiatives that foster an information management culture. Equally critical to success is corporate communication which truly values information as a corporate asset and highlights the importance of information lifecycle management rather than technology under the motto “putting the ‘I’ into IT”.

Research limitations/implications

This paper draws on experience from a single case study to discuss some of the cultural factors that influence the design and implementation of IG in general. However, more empirical research is needed in order to broaden the understanding of the impact of IG programmes in real-world organisations.

Practical implications

When implementing IG programmes in global organisations it should not be limited to an IT perspective alone. The biggest challenge is the fact that no department or discipline alone can achieve the desired results. Success is only possible in an orchestrated scenario with clear value propositions for specific business functions.

Originality/value

Based on a small selection of professional literature on the IG approach, the paper presents findings about issues and pitfalls when setting up and implementing an IG programme. It is hoped that it will inspire more exploratory research of this kind from members of the records management community to encourage them to raise the need for IG in their own organisations.

Details

Records Management Journal, vol. 23 no. 3
Type: Research Article
ISSN: 0956-5698

Keywords

Article
Publication date: 12 October 2010

Ahmad Abu‐Musa

This paper seeks to empirically examine the existence and implementation of information security governance (ISG) in Saudi organizations.

3895

Abstract

Purpose

This paper seeks to empirically examine the existence and implementation of information security governance (ISG) in Saudi organizations.

Design/methodology/approach

An empirical survey, using a self‐administered questionnaire, is conducted to explore and evaluate the current status and the main features of ISG in the Saudi environment. The questionnaire is developed based on ISG guidelines for boards of directors and executive management issued by the Information Technology (IT) Governance Institute and other related materials available in the literature. A total of 167 valid questionnaires are collected and processed using the Statistical Package for Social Sciences, version 16.

Findings

The results of the study reveal that although the majority of Saudi organizations recognize the importance of ISG as an integrant factor for the success of IT and corporate governance, most of them have no clear information security strategies or written information security policy statements. The majority of Saudi organizations have no disaster recovery plans to deal with information security incidents and emergencies; information security roles and responsibilities are not clearly defined and communicated. The results also show that alignment between ISG and the organization's overall business strategy is relatively poor and not adequately implemented. The results also show that risk assessment procedures are not adequately and effectively implemented, ISG is not a regular item in the board's agenda, and there are no properly functioning ISG processes or performance‐measuring systems in the majority of Saudi organizations. Accordingly, appropriate actions should be taken to improve implementing and measuring the ISG performance in Saudi organizations.

Originality/value

From a practical standpoint, managers and practitioners alike stand to gain from the findings of this study. The results of the paper enable them to better understand and evaluate ISG and to champion IT development for business success in Saudi organizations.

Details

Information Management & Computer Security, vol. 18 no. 4
Type: Research Article
ISSN: 0968-5227

Keywords

Article
Publication date: 12 March 2018

Mathew Nicho

The frequent and increasingly potent cyber-attacks because of lack of an optimal mix of technical as well as non-technical IT controls has led to increased adoption of…

1938

Abstract

Purpose

The frequent and increasingly potent cyber-attacks because of lack of an optimal mix of technical as well as non-technical IT controls has led to increased adoption of security governance controls by organizations. The purpose of this paper, thus, is to construct and empirically validate an information security governance (ISG) process model through the plan–do–check–act (PDCA) cycle model of Deming.

Design/methodology/approach

This descriptive research using an interpretive paradigm follows a qualitative methodology using expert interviews of five respondents working in the ISG domain in United Arab Emirates (UAE) to validate the theoretical model.

Findings

The findings of this paper suggest the primacy of the PDCA Deming cycle for initiating ISG through a risk-based approach assisted by industry-wide best practices in ISG. Regarding selection of ISG frameworks, respondents preferred to have ISO 27K supported by NIST as the core framework with other relevant ISG frameworks/standards forming the peripheral layer. The implementation focus of the ISG model is on mapping ISO 27K/NIST IT controls relevant IT controls selected from ISG frameworks from a horizontal and vertical perspective. Respondents asserted the automation of measurement and control mechanism through automation to assist in the feedback loop of the PDCA cycle.

Originality/value

The validated model helps academics and practitioners gain insight into the methodology of the phased implementation of an information systems governance process through the PDCA model, as well as the positioning of ITG and ITG frameworks in ISG. Practitioners can glean valuable insights from the empirical section of the research where experts detail the success factors, the sequential steps and justification of these factors in the ISG implementation process.

Details

Information & Computer Security, vol. 26 no. 1
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 4 March 2014

Sanjay Bahl and O.P. Wali

Information security is a growing concern in society, across businesses and government. As the offshore IT services market continues to grow providing numerous benefits…

1642

Abstract

Purpose

Information security is a growing concern in society, across businesses and government. As the offshore IT services market continues to grow providing numerous benefits, there are also perceived risks with respect to the quality of information security delivered in the supply chain. This paper aims to examine, as a case, the perceptions of Indian software services provider (service provider) employees with respect to information security governance and its impact on information security service quality that is delivered to customers.

Design/methodology/approach

The paper provides a framework built upon the existing dimensions and instruments for total quality management and service quality, suitably modified to reflect the context of information security. SmartPLS, a structural equation modelling technique, has been used to analyse field survey data collected from across various Indian cities and companies.

Findings

Significant finding is that information security governance in an IT outsourcing company providing software services has a highly significant impact on the information security service quality, which can be predicted. The paper also establishes that there is a positive relationship collectively between elements of information security governance and information security service quality.

Research limitations/implications

Since data used in this study were taken solely from the responses of employees of outsourced service companies in India, it does not show if this translates into service improvements as perceived by the customer.

Practical implications

Information security governance should be made an integral part of corporate governance and is an effective strategic technique, if software outsourcing business enterprises want to achieve a competitive edge, provide client satisfaction and create trust.

Originality/value

The paper presents empirical data validation of the connection between information security governance and quality of service.

Details

Information Management & Computer Security, vol. 22 no. 1
Type: Research Article
ISSN: 0968-5227

Keywords

Article
Publication date: 2 October 2017

Maali Kachouri and Anis Jarboui

The purpose of this paper is to investigate the relationship between corporate governance effectiveness and information transparency. Hence, this paper seeks to extend…

1480

Abstract

Purpose

The purpose of this paper is to investigate the relationship between corporate governance effectiveness and information transparency. Hence, this paper seeks to extend prior information transparency research.

Design/methodology/approach

This study uses a sample of 28 non-financial listed Tunisian companies and covers an eight-year period from 2006 to 2013. To test the hypotheses of this research, a simultaneous equation system model was applied.

Findings

The results obtained show that, for the Tunisians companies, corporate governance practices have a significant positive effect on information transparency. The current study also provides evidence that pertinent information can improve corporate governance index.

Research limitations/implications

The findings may be of interest to the academic researchers, practitioners and regulators who are interested in discovering the quality of corporate governance practices in Tunisian context.

Practical implications

The findings of this study can help Tunisian regulators in creating corporate governance disclosure requirements. The findings also provide the African business community insights concerning the quality of corporate governance and of corporate reporting.

Social implications

This research helps also to inform regulators about the benefits of disclosure more information to investors and to the firm. For instance, how the information can be a source of transparency and stability in the firms what and favors the social environment of the firms.

Originality/value

This paper extends the existing literature by examining the causal relationship between corporate governance and information transparency.

Details

Journal of Financial Reporting and Accounting, vol. 15 no. 3
Type: Research Article
ISSN: 1985-2517

Keywords

Article
Publication date: 30 September 2020

Sameh Mekaoui, Emna Brahem and Hanen Moalla

This study aims to investigate, on the one hand, the impact of the Tunisian Revolution and internal governance mechanisms (especially, the ownership structure and the…

Abstract

Purpose

This study aims to investigate, on the one hand, the impact of the Tunisian Revolution and internal governance mechanisms (especially, the ownership structure and the board of directors structure on the extent of voluntary information disclosure [VID]) and on the other hand, the moderating effect of the Tunisian Revolution on the relationship between the internal corporate governance mechanisms and the VID.

Design/methodology/approach

A content analysis of 362 annual reports is used for determining the level of VID. This study covers a 10-year period (2007-2016) which is divided into two sub-periods (before and after the Tunisian Revolution). The generalized least squares regression model was used to investigate the effect of the Tunisian Revolution, ownership structure and the board of directors structure on the VID.

Findings

The Tunisian companies disclose less voluntary information after the Tunisian Revolution because of a decrease in the disclosure of information related to results, intangible assets, non-financial information and management’s discussion and analysis. The authors’ findings highlight the importance of the moderating effect of the revolution. After the Tunisian Revolution, a positive relationship was found, on the one hand, between institutional ownership, board size and board independence, and the VID on the other hand. Besides, companies with dual structures and with a high level of foreign ownership are less reluctant to the VID. Moreover, different governance mechanisms are related to different types of information disclosed. These relationships were affected by the Tunisian Revolution.

Practical implications

This piece of research could be useful for managers, investors and different stakeholders. It can help managers in improving their VID and thus their companies’ transparency, mainly in developing countries and in times of crisis. Moreover, it could be helpful for investors and stakeholders for their decision-making, especially in crisis periods.

Originality/value

This study contributes to the literature by investigating the VID in a developing country and in times of crisis. It widens knowledge by analyzing the types of voluntary information disclosed. It is one of the few pieces of research investigating this issue. Moreover, it is the first research analyzing the consequences on the VID of the revolutions in the Arab countries that have experienced an Arab Spring Revolution.

Details

Journal of Financial Reporting and Accounting, vol. 20 no. 1
Type: Research Article
ISSN: 1985-2517

Keywords

1 – 10 of over 62000