Cyber Risk Management Disclosure of State-Owned Enterprises

Yeni Priatna Sari; Djoko Suhardjanto; Agung Nur Probohudono; Setianingtyas Honggowati

doi:10.15294/jda.v15i2.44817

Cyber Risk Management Disclosure of State-Owned Enterprises

Yeni Priatna Sari⁽¹⁾, Djoko Suhardjanto⁽²⁾, Agung Nur Probohudono⁽³⁾, Setianingtyas Honggowati⁽⁴⁾,

DOI: https://doi.org/10.15294/jda.v15i2.44817

(1) Politeknik Harapan Bersama
(2) Universitas Sebelas Maret
(3) Universitas Sebelas Maret
(4) Universitas Sebelas Maret

Abstract

Purpose:

The purpose of this research is to compile a cyber risk management disclosure index of State-Owned Enterprises (SOEs). This index is used to provide an overview of the disclosures that are expected by the stakeholders which are disclosed in the annual report of SOEs. Disclosure of cyber risk management is important for a business entity to show that the entity has readiness in facing digital technology which is one of the keys to the company's success.

Method:

The research method used is mixed method. The type of data is primary data sourced from Forum Group Discussion (FGD) inviting SOE Directors, audit committees, investors, risk management practitioners, and academics on how important the cyber risk management disclosure items formulated earlier are. Thirty corporate and SOE practitioners have been interviewed and internal auditor practitioners in SOEs have been sources of validity. The steps in compiling the index are first collecting cyber risk management disclosure items from the previous research and looking at ISO 31000 provisions regarding risk management.

Findings:

The result of this study is the composition of the cyber risk management disclosure index as many as 18 (eighteen) items with weighting on each disclosure item.

Novelty:The novelty of this study is the formulation of a cyber risk management measurement index which is very important in relation to risk management in a company. This research is important to be carried out as a formulation of indicators for cyber risk management management carried out by the company. Researchers anticipate that this cyber risk management disclosure index will help the government create disclosure items for cyber risk management and serve as a norm for disclosing SOE cyber risk management in its annual report.

Keywords

disclosure; cyber risk management; SOEs; financial statements; voluntary disclosure

Full Text:

PDF

References

Amran, A., Manaf Rosli Bin, A., & Che Haat Mohd Hassan, B. (2009). Risk reporting: An exploratory study on risk management disclosure in Malaysian annual reports. Managerial Auditing Journal, 24(1), 39–57. https://doi.org/10.1108/02686900910919893

ASEAN. (2020). ASEAN ICT Masterplan 2020.

Bello, Z., Yusuf, I., & Nuhu, A. (2019). Effect of Board and Corporate Characteristics on Risk Management Disclosure of Listed Insurance Companies in Nigeria. MJBE Special Edition, 1(1), 2289–8018. https://jurcon.ums.edu.my/ojums/index.php/mjbe/article/view/2062

Chau, G., & Gray, S. J. (2010). Family ownership, board independence and voluntary disclosure: Evidence from Hong Kong. Journal of International Accounting, Auditing and Taxation, 19(2), 93–109. https://doi.org/10.1016/j.intaccaudtax.2010.07.002

CNN. (2020). RI Jadi Target Serangan Siber Terbesar Ke-2 di ASEAN Kala WFH. CNN Indonesia. https://www.cnnindonesia.com/teknologi/20200512172258-185-502625/ri-jadi-target-serangan-siber-terbesar-ke-2-di-asean-kala-wfh

CyberRisk. (2016). What is cyber risk, and why should I care? Northbridge Insurance. https://www.nbins.com/blog/cyber-risk/what-is-cyber-risk-2/

Deloitte. (2020). The Thailand Digital Transformation Survey Report 2020. https://www2.deloitte.com/content/dam/Deloitte/th/Documents/technology/th-tech-the-thailand-digital-transformation-report.pdf

Drisko, J. W., & Maschi, T. (2016). Content Analysis. Oxford University Press.

Haes, S. De, & Grembergen, W. Van. (2017). An Exploratory Study into IT Governance Implementations and its Impact on Business / IT Alignment An Exploratory Study into IT Governance Implementations and its Impact on Business / IT Alignment. Information Systems Management, 0530(October). https://doi.org/10.1080/10580530902794786

Hashim, F., & Koon, L. T. (2016). Corporate Risk Management Disclosure and Sustainability of Public Listed Companies in Malaysia: the Role of Diversification. Global Business and Management Research: An International Journal, January, 1–16.

Jia, J., Li, Z., & Munro, L. (2019). Risk management committee and risk management disclosure: evidence from Australia. Pacific Accounting Review, 31(3), 438–461. https://doi.org/10.1108/PAR-11-2018-0097

Joshi, A., Bollen, L., & Hassink, H. (2013). An Empirical Assessment of IT Governance Transparency: Evidence from Commercial Banking. Information Systems Management, 30(2), 116–136. https://doi.org/10.1080/10580530.2013.773805

Joshi, A., Bollen, L., Hassink, H., De Haes, S., & Van Grembergen, W. (2018). Explaining IT governance disclosure through the constructs of IT governance maturity and IT strategic role. Information and Management, 55(3), 368–380. https://doi.org/10.1016/j.im.2017.09.003

Kamaruzaman, S. A., Ali, M. M., Ghani, E. K., & Gunardi, A. (2019). Ownership structure, corporate risk disclosure and firm value: A Malaysian perspective. International Journal of Managerial and Financial Accounting, 11(2), 113–131. https://doi.org/10.1504/IJMFA.2019.099766

Kosub, T. (2015a). Components and challenges of integrated cyber risk management. Zeitschrift Für Die Gesamte Versicherungswissenschaft. https://link.springer.com/article/10.1007/s12297-015-0316-8

Kosub, T. (2015b). Determinants and Challenges of Integrated Cyber Risk Management. In Zeitschrift für die gesamte Versicherungswissenschaft. actuaries.asn.au. https://www.actuaries.asn.au/Library/Events/ASTINAFIRERMColloquium/2015/AFIRERM6Determinantsand.pdf

Kunjana, G. (2017). Revolusi Digital. Investor Daily. https://investor.id/editorial/revolusi-digital

Martin, R., Yadiati, W., & Pratama, A. (2018). Corporate Social Responsibility Disclosure and Company Financial Performance: Do High and Low Profile Industry Moderate the Result? Indonesian Journal of Sustainability Accounting and Management, 2(1), 15. https://doi.org/10.28992/ijsam.v2i1.42

McKinsey&Company. (2020). COVID-19-Facts-and-Insights-July-6. Global Health and Crisis Response, 1–54.

Nagel, L. (2020). The influence of the COVID-19 pandemic on the digital transformation of work. International Journal of Sociology and Social Policy, 40(9), 861–875. https://doi.org/10.1108/IJSSP-07-2020-0323

Natalia, E. C. (2018). Rp 10 kuadriliun, Risiko Kerugian Serangan Siber di ASEAN. CNBC Indonesia. https://www.cnbcindonesia.com/tech/20180124060959-37-2350/rp-10-kuadriliun-risiko-kerugian-serangan-siber-di-asean

OECD. (2017). OECD Survey of Corporate Governance Frameworks in Asia.

Okul, Ş., Muratoğlu, O., Aydın, M. A., & Bilge, H. Ş. (2019). A Review on Cyber Risk Management. Acta INFOLOGICA, 3(1). https://doi.org/10.26650/acin.502589

Suhardjanto, D., & Miranti, L. (2010). Indonesian Environmental Reporting Index. Jurnal Akuntansi Dan Auditing Indonesia, 13(1), 63–67.

Wiki, I. L. (2012). Cyber asset.

Https://Itlaw.Fandom.Com/Wiki/Cyber_asset.

Zeghal, D. (2005). A Content Analysis of Risk Management Disclosures in Canadian Annual Reports. file:///H:/AADISERTASI UMI/AADISERTASI/MANAJEMEN RESIKO/RISK DISCLOSURE/lajili2005.pdf

Refbacks

There are currently no refbacks.

Jurnal Dinamika Akuntansi is licensed under aÂ Creative Commons Attribution 4.0 International License

Username
Password
Remember me