IT risk management disclosure in the integrated reports of the top 40 listed companies on the JSE limited

Access full-text article here


Peer-Reviewed Research
  • SDG 16
  • SDG 12
  • Abstract:

    Abstract: Information Technology (IT) has become an integral part of virtually all modern day organisations. The advent of IT has given rise to numerous benefits which increase productivity and efficiency in the workplace, however, IT also brings with it significant risks that can have an impact on an organisation’s ability to function as a going concern. Organisations, especially those listed on the Johannesburg Stock Exchange (JSE), are required to submit an Integrated Report (IR) on an annual basis in which they indicate how they used the resources at their disposal to create value for the organisation and its stakeholders during the year under review. The IR is also a forward-looking document, as opposed to the traditional, backward-looking reports. The purpose of this paper is to determine to what extent IT Risk and IT Risk Management are disclosed in the IR’s of the Top 40 Listed Companies on the JSE. It further aims to determine whether IT Risks are included as material risk in the entity’s risk statements of the Integrated Report, and whether proper explanations are provided on how the materiality of the risks are determined and dealt with...