| This 3-essay study offers a comprehensive examination of hypothetical concepts related to the behaviors, attitudes, outcomes, processes, experiences, manifestations and indicators connected with an organization's design, implementation and management of a coherent set of policies, processes and systems to manage risks to its information assets. Network analysis tools are used to examine the relationships found in Information Security Management Systems (ISMS) literature published within the last decade. This study examines the effect of upgrades and implementations of enterprise systems on enterprise risk, as perceived by external investors. Finally, this study also assesses the impact of external IT governance certifications on enterprise risk, as perceived by investors and as reported by publicly traded companies. The 3-essay structure of the study also considers the moderating effects of certain system characteristics and certification types. |
