With the increase in digital automation of financial statements and computer-based audit evidence, I examine whether and how auditors help prevent data breaches. I use two plausibly exogenous shocks (regulation based and learning-experience based) and find that improvements in auditing reduce the likelihood of data breaches. I then conduct interviews and an anonymous survey to collect information on mechanisms that are not captured by the empirical analyses. Consistent with a complementary relationship between auditors and their clients in preventing data breaches, I find the effect is larger in firms with more integrated data systems, a greater percentage of board members on the audit committee, and stronger internal controls. Overall, these results support a disciplining effect of auditing processes (e.g., audit procedures and testing) on reducing a new kind of agency friction between firms and data providers.




Downloads Statistics

Download Full History