本研究透過探討會計師事務所的風險預應能力、風險承擔能力及資訊稽核能力對於資訊安全認知之影響,並進一步探討高階管理人員知能,即其身份別不同之知識及經驗或能力是否具有干擾作用。本研究以會計師事務所之執業會計師及其產業之高階管理人員為研究對象,以結構性問卷蒐集資料,探討會計師事務所之風險預應能力、承擔能力、資訊稽核能力對於資訊安全認知的影響。分析 123 份有效問卷之結果顯示,風險管理機制與資訊安全認知之間具有部份構面有顯著正向關係,且高階管理人知能對於事前風險管理機制與資訊安全認知間的關係具有正向干擾作用,在高職能身份之知能的情況下,風險預應能力與資訊安全認知之正向關係會提高,而研究發現風險承擔能力與資訊安全認知在高階管理人員知能干擾作用下呈現負向關係,對於資訊稽核能力與資訊安全認知則頇透過高階管理人員之知能交互作用才有顯著正向關係。
本研究結果顯示風險管理機制事前風險預應能力與事中風險承擔能力對資訊安全認知具正向影響,若會計師事務所強化風險管理機制,將能夠更精確的掌握資訊安全;而會計師事務所內部具有高度職能之高階管理人員,能提升事前風險預應能力對資訊安全認知,然尚頇在高階人員與承擔能力之資源上有合理之分配,並且透過高階管理人員知能來強化事後資訊稽核能力以持續監理來提升資訊安全認知,業經個案調查以面對面方式搜集整合受訪個案對本研究內涵以概念化的資料呈現,並依據所蒐集的現象資料為佐證,以理解實證分析與實際案例的落差,進而支持研究所產生的推論。本研究結論提升風險管理機制與高階管理人員知能交互作用下,且能有效的資源分配是有助於提升資訊安全之公司治理效能。
risk management mechanism have a positive impact on information security cognition, and the accounting firm can learn about the information security more accurately if it strengthens the risk management mechanism. In the accounting firm, senior executives in high positions can enhance the impact of ex-ante risk proactive on information security cognition, but it is still necessary to allocate the resources of senior executives and the affordability rationally. Moreover, senior executives’ knowledge and ability can strengthen the ex-post information audit capability to improve information security cognition. Through the case survey, interviewees’ understanding on the connotation of this study is collected and integrated face to face and presented as the conceptual data, and the gap between empirical analysis and actual cases is understood based on the collected data to support the conclusions of this study. This study concludes that, if the interaction between risk management mechanism and senior executives’ knowledge and ability is improved, the effective resource allocation can help to improve the corporate governance efficiency of information security.
