The Impact of Assurance Quality and Level on Cybersecurity Risk Management Program on Non-Professional Egyptian Investors’ Decisions: An Experimental Study

The objective of this study is to examine and analyze the impact of assurance quality (measured by the size of the audit firm performing this assurance; Big4 auditor vs. non-Big4) and assurance level (reasonable vs. limited assurance) on cybersecurity risk management program on non-professional investors’ willingness to invest and their stock valuation. To fulfil the research objective, a 2X2 between-subjects experiment was designed to test the research hypotheses.
Based on a sample of 64 MBA and postgraduate students in the Faculty of Commerce, Alexandria University and ESLSCA University, the researcher found evidence that high assurance quality (Big4 auditor) and reasonable assurance level conveyed in the assurance report on cybersecurity risk management program have a significant and positive effect on investors’ willingness to invest and their stock valuation. However, the researcher didn’t find significant difference in investors’ willingness to invest or their stock valuation in case a limited assurance report is offered by a Big4 audit firm in comparison with the case of a reasonable assurance report offered by a non-Big4 audit firm. This study adds an experimental evidence to the literature on non-audit services and cybersecurity and will help in reducing the accounting research gap related to cybersecurity risk management program, which is consistent with the Egyptian government’s efforts and attention paid to cybersecurity and its related risks.