This study examines the relationship between information systems complexity and information systems vulnerability from the perspective of the enhanced internal controls after Sarbanes-Oxley. It is conjectured that the increased statutory and regulatory requirements on more stringent internal controls increase information systems complexity and, therefore, increase information systems vulnerability. This study hypothesizes that the increased information systems complexity also increases information systems vulnerability even though the overall internal control is improved. The results of the empirical tests support the hypotheses.

You do not currently have access to this content.