Abstract
With the growing role of information technology (IT), many organizations struggle with IT-related risks. Both IT
managers and IT auditors are involved in assessing, monitoring, and reporting IT risks, but this does not
necessarily mean that they share the same views. In this study, we draw upon the actor–observer asymmetry
perspective to understand differences in IT managers’ vs. IT auditors’ perceptions of risks. Through a quasi experiment with 76 employees of a financial institution, we found that IT managers and IT auditors showed the expected actor–observer differences. Implications for both research and practice are discussed.
managers and IT auditors are involved in assessing, monitoring, and reporting IT risks, but this does not
necessarily mean that they share the same views. In this study, we draw upon the actor–observer asymmetry
perspective to understand differences in IT managers’ vs. IT auditors’ perceptions of risks. Through a quasi experiment with 76 employees of a financial institution, we found that IT managers and IT auditors showed the expected actor–observer differences. Implications for both research and practice are discussed.
Original language | English |
---|---|
Pages (from-to) | 80-93 |
Number of pages | 14 |
Journal | Information & Management |
Volume | 55 |
Issue number | 1 |
DOIs | |
Publication status | Published - Jan 2018 |
Keywords
- Actor-observer asymmetry
- Actor–observer asymmetry
- DECISION-MAKING
- DELPHI
- EFFECT SIZE
- GROUP POLARIZATION
- INFORMATION SECURITY
- IT audit
- IT risk perception
- MIS IMPLEMENTATION
- MODEL
- PROJECT RISK
- SELECTIVE PERCEPTION
- SYSTEMS