J. H. Allen, Governing for Enterprise Security (GES), Implementation Guide: Characteristics of Effective Security Governance1. USA: Carnegie Mellon University, pp.5-7, 2005.

S. J. Andriole, Boards of Directors and Technology Governance : The Surprising State of the Practice Boards of Directors and Technology Governance : The Surprising State of the Practice I, Boards And Technology Governance. Fortune, vol.24, pp.373-394, 2009.

R. Brisebois, G. Boyd, and Z. Shadid, What is IT Governance and why is it important for the IS auditor, The INTOSAI IT Journal, issue.25, pp.30-35, 2007.

S. E. Chang and C. B. Ho, Organizational factors to the effectiveness of implementing information security management, Industrial Management and Data Systems, vol.106, 2006.

W. W. Chin, B. L. Marcolin, and P. R. Newsted, A partial least squares latent variable modeling approach for measuring interaction effects: Results from a Monte Carlo simulation study and an electronic-mail emotion/adoption study, Information Systems Research, vol.14, issue.2, pp.189-217, 2003.

S. K. Dangolani, The Impact of information technology in banking system (A case study in Bank Keshavarzi IRAN), Procedia-Social and Behavioral Sciences, vol.30, pp.13-16, 2011.

P. F. Daniel and J. Frances, The Academy of Management Review, vol.24, issue.3, pp.489-505, 1999.

. Ffiec, FFIEC Updates Cybersecurity Expectations for Boards, 2017.

D. P. Forbes and F. J. Milliken, Cognition and Corporate Governance : Understanding Boards of Directors as Strategic Decision-Making, 1999.

C. Fornell and D. F. Larcker, Structural equation models with unobservable variables and measurement error: Algebra and statistics, Journal of Marketing Research, pp.382-388, 1981.

J. Gabrielsson, M. Huse, and A. Minichilli, Understanding the Leadership Role of the Board Chairperson Through a Team Production Approach, International Journal of Leadership Studies, vol.3, issue.1, pp.21-39, 2007.

. Gartner, Magic Quadrant for Content-Aware Data Loss Prevention. G00277564, 2016.

L. A. Gordon and M. P. Loeb, The economics of information security investment, ACM Transactions on Information and System Security, vol.5, issue.4, pp.438-457, 2002.

J. F. Hair, R. E. Anderson, R. L. Tatham, and C. William, Multivariate data analysis with readings, 1995.

D. Harrison, P. P. Mykytyn, and C. K. Riemenschneider, Executive Decisions About Adoption of Information Technology in Small Business: Theory and Empirical Tests, Information Systems Research, vol.8, issue.2, p.171, 1997.

K. Heenetigala, Corporate Governance Practices and Firm Performance of Listed Companies in Sri Lanka, Corporate Governance, 2011.

B. E. Hermalin and M. S. Weisbach, The Determinants of Board Composition, RAND Journal of Economics, vol.19, issue.4, pp.589-606, 1988.

C. D. Huang, Q. Hu, and R. S. Behara, Economics of Information Security Investment in the Case of Simultaneous Attacks Economics of Information Security Investment in the Case of Simultaneous Attacks, Information Security, 2006.

J. Jewer and K. N. Mckay, Antecedents and consequences of board IT governance: Institutional and strategic choice perspectives, Journal of the Association for Information Systems, vol.13, issue.7, p.581, 2012.

A. M. Johnson, Business and security executives views of information security investment drivers: Results from a Delphi study, Journal of Information Privacy & Security, vol.5, issue.1, pp.3-27, 2009.

G. C. Kane, D. Palmer, A. Nguyen-phillips, D. Kiron, and N. Buckley, Achieving digital maturity, MIT Sloan Management Review, issue.1, p.59, 2017.

G. C. Kane, D. Palmer, A. N. Phillips, and D. Kiron, Is Your Business Ready for a Digital Future, MIT Sloan Management Review, vol.56, issue.4, pp.37-44, 2015.

S. Kozak, The role of information technology in the profit and cost efficiency improvements in the banking sector, Journal of Academy of Business and Economics, vol.2, issue.1, pp.34-38, 2005.

G. R. Massey and P. L. Dawes, The antecedents and consequence of functional and dysfunctional conflict between marketing managers and sales managers, Industrial marketing management, vol.36, issue.8, pp.1118-1129, 2007.

A. A. Mohammed, Ghanaian Banks Systems at Risk of CybercrimeCyber Security Expert, 2017.

S. Morgan, , vol.14, 2017.

R. Nolan and F. Mcfarlan, Information technology and the board of directors, 2005.

R. Pereira and M. M. Silva, IT governance implementation: The determinant factors, Communications of the IBIMA, p.1, 2012.

P. Institute, Cost of Data Breach, pp.1-30, 2015.

Z. A. Soomro, M. H. Shah, and J. Ahmed, Information security management needs more holistic approach: A literature review, International Journal of Information Management, vol.36, issue.2, pp.215-225, 2016.

D. W. Straub and R. J. Welke, Coping with Systems Risk, MIS Quarterly, issue.404, pp.441-469, 1998.

K. Tatsumi and M. Goto, Optimal timing of information security investment: A real options approach, Economics of Information Security and Privacy, pp.211-228, 2010.

G. Thornton, Locking down the value of data Contents: Executive summary, 2017.

E. Valentine and G. Stewart, Enterprise Business Technology Governance: Three competencies to build board digital leadership capability, 48th Hawaii International Conference on System Sciences, pp.4513-4522, 2015.

J. D. Westphal and L. P. Milton, How Experience and Network Ties Affect the Influence of Demographic Minorities on Corporate Boards, Administrative Science Quarterly, vol.45, issue.2, pp.366-398, 2000.

S. A. Zahra and J. A. Pearce, Boards of Directors and Corporate Financial Performance: A Review and Integrative Model, Journal of Management, vol.15, issue.2, p.291, 1989.