Journal of Information Systems
We examine how an IT service provider’s persuasive communication related to SOC2 report findings influences management’s (i.e., user-entities’) perceptions of the outsourced services. Within SOC2 reports, service providers can attempt to influence management’s impressions of auditor-identified issues and, due to the report’s limited audience, also follow-up with management about these issues. Using dual-process theories of persuasion, we predict the type of persuasion used by a service provider in a SOC2 report (contend or concede), and its consistency with follow-up persuasive appeals (contend or concede), will influence management’s perceptions of the services provided. In an experiment, only when the service provider first contends the auditor’s findings does a follow-up concession (rather than contention) result in more favorable perceptions. Persuasion tactics also influence management’s processing of risk factors, which impact their trust in the service. Thus, IT service providers’ initial and follow-up persuasive communications influence management’s assessment of SOC2 auditor-identified issues.
Sheldon, Mark D.; Bhattacharjee, Sudip; and Barkhi, Reza, "The Impact of Persuasive Response Sequence and Consistency when IT Service Providers Address Auditor-Identified Issues in SOC2 Reports" (2022). 2022 Faculty Bibliography. 44.
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.