The Information Content of Earnings and Sys Risk

In: Business and Management

Submitted By fatmaaksoyozek
Words 6194
Pages 25





Approval of the Graduate School of Social Sciences

Prof. Dr.Sencer Ayata Director I certify that this thesis satisfies all the requirements as a thesis for the degree of Master of Business Administration.

Prof. Dr.Cengiz Erol Head of Department

This is to certify that we have read this thesis and that in our opinion it is fully adequate, in scope and quality, as a thesis for the degree of Master of Business Administration

Prof. F. N. Can Şımga-Muğan Supervisor Examining Committee Members Assoc. Prof. Zeynep Önder Prof. F. N. Can Şımga-Muğan (BILKENT UNIVERSITY, BA) (METU, BA)

Assist. Prof. Engin Küçükkaya (METU, BA)

I hereby declare that all information in this document has been obtained and presented in accordance with academic rules and ethical conduct. I also declare that, as required by these rules and conduct, I have fully cited and referenced all material and results that are not original to this work.

Name, Last name : Fatma, Aksoy Signature :


THE INFORMATION CONTENT OF EARNINGS AND SYSTEMATIC RISK IN CHANGING ECONOMIC CONJECTURE: THE TURKISH CASE Aksoy, Fatma M.B.A., Department of Business Administration Supervisor : Prof. Dr. F. N. Can Şımga-Muğan October 2008, 73 pages This thesis analyses the information content of inflation adjusted financial statements for investors and the informational value of accounting earnings and systematic risk in explaining stock returns in Turkey. Information content of inflation accounting is tested by using event study methodology. Results show…...

Similar Documents

A Risk Analysis for Information Security and Infrastrucure Protection

... A Risk Analysis for Information Security and Infrastructure Protection Special Topics in Criminology and Criminal Justice Columbia Southern University January 03, 2012 A Risk Analysis for Information Security and Infrastructure Protection OBJECTIVE The sole purpose for performing a risk analysis for IT systems is to ensure businesses and or organizations, whether small or large to accomplish its missions by better securing the IT systems that store, process, or transmit organizational information. The primary function of risk analysis is to identify and correct the vulnerabilities and threats of an IT system. It enables management to make well-informed risk management decisions and justify the spending that is part of an IT budget. This also assists management in authorizing or accrediting the IT systems based on the performance results of a risk analysis. TARGET AUDIENCE Risk analysis will encompass a basic guide for experienced and inexperienced, technical and non-technical personnel who support or use risk analysis for their IT systems. This will included a detail listing and job description of personnel based on the National Institute of Standards and Technology (NIST) research: Senior management and mission owners make decisions about the IT security budget, and they ensure the implementation of risk management for agency systems and the security provided for the IT systems. The Designated Approving Authority (DAA) is......

Words: 1308 - Pages: 6

Cmgt442: Information Systems Risk Management, asstakeholder perspective needs to be maintained throughout the projected project. Unclear system orsecurity requirements will need to be addressed and resolved prior to the analysis phase.The benefit election system needs to be designed and tested from an environmental point of which it will be deployed. Security requirements will need to be addressed within such documentationas: 1. Operational environment specifications 2. Diagrams specifying trust, and risk boundaries. Pertaining dataflow diagrams 3. Resource specifications, with outlined capabilities 4. Comparison of resource specifications to users of resources , being implemented withinthe set requirements. 5. Possible points of security breach by cyber attacker, with possible cyber attacker profile 6. Scenario cases of misuseThe individual with whom the project manager assigns these tasks will need to produce oranalyze these requirements for validity during the development process. Validly of theserequirements will double-check security content for inconsistent types, invalid assumptions, andtechnical inaccuracies. Special attention should view the cyber attacker profile as manyenterprises and organizations do not become attentive enough to insider risks.Many requirements are not referred through security relationships. Nether the less, theserequirements need to be addressed. Reflect relationship to resources through the data flowdiagram which are relevant to the specific requirement, assessing......

Words: 280 - Pages: 2

Manage Risk in Information Technology

...Purpose The purpose of this disaster recovery plan is to provide guidelines and procedures to be followed to facilitate the rapid recovery from an actual disaster. It also is designed to get information that would be required in a disaster situation. This information could require costly hours and even be impossible to attain after a disaster strikes. Many portions of this plan will change with time. Therefore the plan must be updated and maintained as changes occur. It is intended that the plan be reviewed by senior management at least annually during the fourth qtr of the year. All team leaders are expected to keep staff personal information contained in the appendices of this plan confidential. All team leaders are expected keep a copy of the Disaster Recovery Plan readily assessable from home and a copy readily assessable at their office location at all times. Levels of Disasters There are three levels of disasters which require different actions. Level 1 – Short-term or temporary equipment outages. These outages can be caused by power or equipment failure and may last up to 24 hours. In the event of rolling black outs or other short term power outages Perfect -10’s normal priority of concerns will be in effect. The first step is the safety of all members and staff. Second we want to protect the assets of Perfect -10’s and finally we want to make everyone involved as comfortable as possible. The senior member of management at each location will ensure that the......

Words: 2406 - Pages: 10

Managing Risk in Information Systems

...Standard (PCI DDS). The mission of PCI DDS is to develop, maintain, enhance, and disseminate security standards for payment card data protection. The implementation of the company accepting credit card payments must be well thought out, so the company may provide a secure framework for this service to operate in. By the company not minimizing risk , and providing continual check mechanisms and new service could become a potential nightmare. Nightmares put companies out of business. Merchants and payment card processors must apply the information security best practices to ensure the least possible risk to clients. There are 12 points of requirements for businesses that store, process, or transmit payment card data. For our purposes under PCI, we are going to look at 3 components that apply which are assess, remediate, and report. When you assess, you are taking an inventory of your IT assets business processes for payment card processing. During this inventory you analyze and locate any vulnerability that could expose card holder data. After you assess your vulnerabilities you remediate them by fixing the exposures that put the company at risk. Finally, the last fast is your report. The report process validates what has been implemented to meet compliance for local and global payment procedures by credit card. These steps assure payment card data safety. As the IT professional for YieldMore, I would advise them on the best possible implementation of PCI DSS best......

Words: 640 - Pages: 3

Information Content

...Advance Questions Information content of equity analyst reports Required reading: Page 245-259, 276-281 The following questions would help you read through this paper and prepare for the discussion of this paper in class. 1. How does a typical analyst report look like? What are the major signals that you can use / construct for trading purpose? Analyst report: is the culmination of a process that includes the collection, evaluation, and dissemination of information related to a firm’s future performance. * The majority of analyst report includes 3 key measures: * 1) earnings forecast * 2) stock recommendation (buy/sell/hold) * 5 Distinct Recommendations: strong buy, buy, hold, sell, strong sell (For each recommendation, assess whether to upgrade, iterate or downgrade) * 3) price target * These reports frequently present extensive quantitative and qualitative analysis supporting the summary measures. (R2, regression, etc) When we read analyst reports, we have to be suspicious, since their analysis differ and might have access to only popular information. 2. How to measure the accuracy of price targets? Can you construct other measures of your own? We consider a price target prediction to be accurate if the analyzed firm’s stock price equals or exceeds the 12-month projected price at any time during the year following the release of the report. Construction of other measures: you can take the average of the 12...

Words: 775 - Pages: 4

Dlis Information Security Risk Assessment

...| DLIS Compliance Risk Management Plan | | | Battle Creek, MIRich FranklinMauricio MosqueraHerby ThomasLouis Zayas * 13-Jan-14 | | * Table of Contents COVER 1 TABLE OF CONTENTS 2 DOCUMENT CHANGE LOG 3 Project Risk Management Plan Purpose AND SCOPE 4 Key Roles and Responsibilities 4 Risk Management Process and Activities 5 Risk Management Plan Audit Log 5 Risk Assessment and Management Table 6 COMPLIANCE LAWS AND REGULATIONS 8 PROPOSED SCHEDULE 9 Risk Management Plan Approvals 10 * Department: Information Technology Product or Process: Risk Management Document Owner: Battle Creek, MI IT Version | Date | Author | Change Description | 0.1 | 1/6/14 | RFranklin | Initial Draft | 0.2 | 01/12/14 | RFranklin | Revision 1 | 0.3 | 1/13/14 | RFranklin | Revision 2 | * Project Risk Management Plan Purpose and Scope The purpose of this Risk Management Plan is to identify the strategies, methods, and procedures to be used within the Michigan Air National Guard, Battle Creek, Michigan supply chain in identifying, evaluating, and mitigating the risk involved in daily and long term operations. All Department of Defense and federal agencies must at least comply with the minimum standards set forth in Law, DOD directives, branch of service regulations, and local base regulations. This plan provides local guidelines for applying the FISMA standards using...

Words: 1209 - Pages: 5

Managing Risk in Information System

...1. What is the Principle of Least Privilege?
 In information security, computer science, and other fields, the principle of least privilege requires that in a particular abstraction layer of a computing environment, every module must be able to access only the information and resources that are necessary for its legitimate purpose.
 2. What does DACL stand for and what does it mean?
 DACL stands for Discretionary Access Control List. Discretionary access control lists (DACLs, but often shortened to ACLs) form the primary means by which authorization is determined. An ACL is conceptually a list of pairs, although they are significantly richer than that.
 3. Why would you add permissions to a group instead of the individual?
 To grant hierarchical access to teams or groups such as company departments or development teams.
 4. Why would you allow shared access to groups instead of to everyone?
 Allowing shared access to groups rather than to everyone limits access to only those added to that group. This helps keep the information secured to only those who need access.
 5. List at least 3 different types of access control permissions you can enable for a file.
 read, write, execute
 6. Which access control permissions allow you to delete files and/or folders?
 modify and full control
 7. What is the lowest level permission needed in order to view the contents of a folder?
 8. If you don't remember the syntax when using iCalcs.exe what command do you type in to......

Words: 278 - Pages: 2

Information Systems Risk Management

...University Of Phoenix CMGT/441 - INFORMATION SYSTEMS RISK MANAGEMENT Week-4 assignment Wonyie V. Zarwee November 29, 2010 While it lessens the burden on organizations, reducing and shifting the cost and risk of its IT operation, security and management issues to an external service provider or vendor, outsourcing any portions of an organization's Information System has significant risks that can sometimes become detrimental to the outsourced organization. According to the Commission on Government Outsourcing, "when outsourcing an organization exposes itself to significant risks in terms of security, accuracy, and completeness of information (Holroyd City Council, 2008)". Comprised in the rest of this document is an exclusive examination of four different outsourcing activities and the associated risks that an organization needs to be aware of. Let me begin with the use of an external service provider for data storage for an organization. This situation is mostly attributed to midsized and few large business with less capital to develop and operate a databases of their own. They may neither have the finance to purchase and operate a database adequately nor the additional funding to hire a skilled IT team to manage a database in-house. In an attempt to effectively and securely manage their data at a lower and affordable budget, many of these organizations choose to outsource their data storage. Even though outsourcing of their database helps an organization to...

Words: 1125 - Pages: 5

Business Impact Analysis and Risk Assessment for Information Resources

...University Business Impact Analysis and Risk Assessment for Information Resources General Information & Process Description Introduction The IT Security and Policies area within Information Technology Services is responsible for establishing policies to ensure that Iowa State University has a secure information technology environment. This document defines a process for departments to perform a business impact analysis and risk assessment for their information resources. Once an assessment has been done, the resulting documents should be maintained and regularly reviewed by the department. By using the business impact analysis and risk assessment tool defined in this document, departments have the capability to identify and respond to risks for their systems and information resources. Departments are encouraged to contact the Information Technology Security and Policies area at 4-2588 if they have specific questions or if they would like to arrange a meeting to discuss the process on an individual basis. Business Impact Analysis and Risk Assessment Guaranteed absolute security in today’s information technology environments is not realistic. However, it is important to have a process of identifying resources and associated risks, determining their magnitude, and identifying what safeguards are needed. That process is what we are referring to as business impact analysis and risk assessment. It is the......

Words: 3038 - Pages: 13

Management Information Sys

...serve the purpose of the website. * Are the sub-topics linked in turn to other sites that provide reliable and relevant information? * Do the links work? All the website links works perfectly fine. * How objective is the website? Is a particular viewpoint presented in the website? If so, what is the viewpoint? If not, give evidence of how the website covers more than one viewpoint. Be sure to state what viewpoints are covered. Does the website present( Facts Opinions Both facts and opinions ) * Perhaps most importantly, in your judgment, have you learned a little or a lot of useful information from the site? From my judgment, I have learned a lot of useful information. * Do you think the overall message of the site is biased or is based on opinion rather than evidence? The website overall message is based on evidence, such as pictures, videos and articles. * Are multimedia elements used sparingly and for a specific purpose? Or are they distracting? All the multimedia of this website are used evenly to support the overall concept. * Does the site take a long time to load? Although the website contains lots of photos and videos still it loads load faster without interruption or buffering. * Does the site claim to be selective or comprehensive? The site is comprehensive of all the needed information. * Are the topics explored in depth? The website topics are explored briefly....

Words: 420 - Pages: 2

Risk Assessment in Information Technology

...Risk Assessment in Information Technology Risk Assessment in Information Technology This paper will address risk assessment in Information Technology and discuss factors used to identify all kinds of risks in company network diagram. It will also assess the risk factors that are inclusive for the Company and give the assumptions related to the security data as well as regulatory issues surrounding risk assessment. In addressing the global implications, the paper will propose network security vulnerabilities and recommend the mitigation measures for the vulnerabilities. Cryptography recommendations based on data driven decision-making will be assessed, and develop risk assessment methodologies. Risk assessment in Information Technology Risk assessment is one of the mitigation methods for the Networks design. The scanners or vulnerability tools are used to identify the risks or vulnerabilities within the network design. The risks can be identified by these tools as they extend beyond software detects to incorporate other easily vulnerabilities including mis-configurations (Rouse, 2010). The shareware assessment tools are accessible online and can be used to supplement commercial scanners. Framework of risk assessment * Step 1 – categorizing information and information systems. Here unique department traits are highlighted and assigned impact levels (high, medium or low) in line with the security FISMA’s security objectives (confidentiality, integrity and......

Words: 3240 - Pages: 13

Risk Information Sheet

...Risk Information Sheet | Risk id: PO2-4-32 | Date: March 4, 2014 | Probability: 80% | Impact: High | Description: | Over 70% of the software components scheduled for reuse will be integrated into the application. The remaining functionality will have to be custom developed. | Refinement/Context: | * Certain reusable components were developed by a third party with no knowledge of internal design standards. * Certain reusable components have been implemented in a language that is not supported on the target environment. |   | Mitigation/Monitoring: | * Contact third party to determine conformance to design standards. * Check to see if language support can be acquired. |   | Management/Contingency Plan/Trigger: | * Develop a revised schedule assuming that 18 additional components will have to be built. * Trigger: Mitigation steps unproductive as of March 30, 2014 |   | Current Status: | In process | Originator: | Jane Manager | Use the above as an example to complete the assignment – the following pages contain the blank sheet for your risks. Risk Information Sheet | Risk id: PO2-4-33 | Date: March 6, 2016 | Probability: 80 | Impact: High | Description: | Since the migration of the data from the SQL Server to Oracle will take a considerable amount of time due to the complex migration, data integrity can be at risk. | Refinement/Context: | * Whole process would be forced to stopped should issues occur...

Words: 575 - Pages: 3

Managing Risk in Information System

... JONES AND BARTLETT LEARNING JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES Managing Risk in Information Systems DARRIL GIBSON 91872_TPCP_Gibson.indd 1 7/23/10 2:19 PM World Headquarters Jones & Bartlett Learning 40 Tall Pine Drive Sudbury, MA 01776 978-443-5000 Jones & Bartlett Learning Canada 6339 Ormindale Way Mississauga, Ontario L5V 1J2 Canada Jones & Bartlett Learning International Barb House, Barb Mews London W6 7PA United Kingdom Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to Copyright © 2011 by Jones & Bartlett Learning, LLC All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright......

Words: 182687 - Pages: 731

Information Technology Risk in the Banking Sector in Bangladesh

...ASIAN UNIVERSITY Of BANGLADESH ASSIGNMENT ON Information Technology Risk In The Banking Sector IN Bangladesh Course Title: Working Capital Management Course Code: BBA-4122 Submitted To: Md. Munsur Ahamed Lecturer, Department of Finance,AUB Submitted By Group-E Name | ID NO: | BATCH | SECTION | Nargis Akter | 200820324 | 33rd | Finance(A) | Shamima Ferdaus | 200820558 | 33rd | “ | Syeada Kohenur Begum | 200820786 | 33rd | “ | Umma kulsum | 200820367 | 33rd | “ | Umme kulsum Binte Nazrul | 200820554 | 33rd | “ | Submission Date: 25-March-2012 DEDICATION PAGE I want to dedicate this Assignment to my honorable teacher Munsur Ahamed (Lecturer , Department of Finance, AUB ), who encourage and help me utmost to complete such a typical assignment. ACKONOLEDGEMENT PAGE I attempt to make a typical assignment, to complete these assignment many person help me. Thanks my honorable teacher Munsur Ahamed ( lecturer , Department Finance AUB. ) To collect some information I got help from many books and Internet so thanks Asian University Library and computer lab thanks my all friends who help me to complete a good assignment. At last thanks to Almighty Allah. Information Technology Risk In The Banking Sector In Bangladesh Abstract Continuous technological development, particularly, information technology revolution of the last two decades of the 20th century has forced the banks to introduce the e-banking operation......

Words: 5900 - Pages: 24

Information Risks - Kudler Fine Foods

...Internal Control and Risk Evaluation Kudler Fine Foods requested information on the controls that would be required if the company chose to follow the flowcharts prepared by Team A in Week Two. The following information will analyze the risks, identify the risks and internal control points, design internal controls, evaluate the application of internal controls, and discuss other controls. Risks With Point of Sale Cloud Computing After discussion, Team A chose to recommend a Point of Sale Cloud Computing System to Kudler Fine Foods. By design, the Cloud Computing System allows a company to determine how much capacity is needed and allows them to change the scalability as needed. Kudler Fine Foods would no longer need to be concerned with storage or having the internal resources available to maintain an in-house system. This allows a company with several locations to have access to real-time information, twenty-four hours a day and seven days a week. The Cloud Security Alliance (CSA) has outlined several risks that are associated with Cloud Computing Technology. While there are many benefits to Cloud Computing, it is important to understand the risks involved. According to “CSA Threats” (2010), “customers are also very concerned about the risks of Cloud Computing if not properly secured, and the loss of direct control over systems for which they are nonetheless accountable” (Executive Summary). The first threat mentioned is abuse. Criminals continue to work on......

Words: 970 - Pages: 4