Discussion of "audit Firm Assessments of Cyber-Security Risk: Evidence from Audit Fees and SEC Comment Letters"

Aaron Yoon*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

The study by Rosati, Gogolin, and Lynn (in this issue) examines the impact of cyber-security incidents on audit fees. Using audit fee as a proxy for audit effort and risk, it takes 168 cyber-security incidents during 2005-2014 that are collected by the Privacy Rights Clearinghouse and documents that breached firms are charged higher audit fees. In addition, the authors find that the increase in audit fee is only temporary and exists during the t-1 to t+1 window surrounding the breach. Finally, this study also finds that the audit fee increases post SEC comment letters that are related to cyber-security incidents. Overall, my assessment of the paper is that it is well executed and well written. More importantly, it adheres well to its stated research question. The following are my written comments, which are based on my discussion of this paper at the 30th Annual TJIA Conference, regarding this paper's contribution, framing, and empirical execution.

Original languageEnglish (US)
Article number1950018
JournalInternational Journal of Accounting
DOIs
StateAccepted/In press - 2020

ASJC Scopus subject areas

  • Accounting
  • Finance

Fingerprint Dive into the research topics of 'Discussion of "audit Firm Assessments of Cyber-Security Risk: Evidence from Audit Fees and SEC Comment Letters"'. Together they form a unique fingerprint.

Cite this