The primary purposes of this study are to identify and validate a list of necessary skills required to ensure good data privacy protection for organizations, recognize potential privacy service providers, compare the perceived skill levels of potential providers, and test the impact of an educational brochure developed by the AICPA designed to communicate how and why members of the accounting profession are qualified to conduct privacy engagements. A total of 82 corporate managers representing 27 companies participated in a randomized between‐subjects experiment where they responded to skill‐related items either before or after reading the privacy brochure. Factor analysis of 17 skill items revealed four factors: technical, legal, control/assurance, and strategic. The following potential service providers were identified: law firms, CPA firms (both Big 5 and non‐Big 5), security consultants, and e‐business consultants. Study findings suggest that all four of the skill constructs are necessary in providing good data privacy protection. Before reading the brochure, the highest construct index means (potential providers) were as follows: technical (e‐business consultants), legal (law firms), control/assurance (CPA firms and security consultants), and strategic (security consultants). After reading the brochure, CPA firms moved significantly higher on technical, legal, and strategic skills; additionally, CPA firms were ranked among the highest service providers in all areas except legal skills, where law firms continued to predominate.

This content is only available via PDF.
You do not currently have access to this content.