The Impact of Cybersecurity Risk Disclosures on Audit Fees and Cost of Debt: Evidence from Firms Listed on the Tehran Stock Exchange

As digital infrastructure becomes central to corporate operations, cybersecurity has fundamentally evolved into a critical governance imperative. Consequently, the transparent disclosure of cybersecurity risks and mitigation strategies serves as a vital mechanism for communicating enterprise resilience. This study empirically investigates the dual economic consequences of cybersecurity risk disclosures on audit pricing and debt financing costs within a highly volatile emerging market context. Utilizing a comprehensive panel dataset of non-financial firms continuously listed on the Tehran Stock Exchange from ۲۰۱۹ to ۲۰۲۴, the research employs firm-fixed effects regression models to rigorously control for unobserved time-invariant heterogeneity and endogeneity. Drawing upon signaling theory and the audit risk model, the empirical findings reveal a statistically significant, bidirectional economic impact. First, the results document a robust positive relationship between the comprehensiveness of cybersecurity disclosures and audit fees. External auditors perceive extensive cyber disclosures as indicative of a highly complex digital risk environment, which inherently necessitates an expanded audit scope, elevated effort, and the deployment of specialized IT audit personnel. Conversely, the analysis establishes a significant negative association between these precise disclosures and the cost of debt. By proactively communicating their cyber risk management frameworks, firms effectively reduce information asymmetry with institutional lenders. This heightened transparency signals robust corporate governance and a minimized probability of systemic operational disruption, which creditors subsequently reward with substantially reduced borrowing costs, thereby elucidating the complex cost-benefit dynamics of non-financial risk reporting.As digital infrastructure becomes central to corporate operations, cybersecurity has fundamentally evolved into a critical governance imperative. Consequently, the transparent disclosure of cybersecurity risks and mitigation strategies serves as a vital mechanism for communicating enterprise resilience. This study empirically investigates the dual economic consequences of cybersecurity risk disclosures on audit pricing and debt financing costs within a highly volatile emerging market context. Utilizing a comprehensive panel dataset of non-financial firms continuously listed on the Tehran Stock Exchange from ۲۰۱۹ to ۲۰۲۴, the research employs firm-fixed effects regression models to rigorously control for unobserved time-invariant heterogeneity and endogeneity. Drawing upon signaling theory and the audit risk model, the empirical findings reveal a statistically significant, bidirectional economic impact. First, the results document a robust positive relationship between the comprehensiveness of cybersecurity disclosures and audit fees. External auditors perceive extensive cyber disclosures as indicative of a highly complex digital risk environment, which inherently necessitates an expanded audit scope, elevated effort, and the deployment of specialized IT audit personnel. Conversely, the analysis establishes a significant negative association between these precise disclosures and the cost of debt. By proactively communicating their cyber risk management frameworks, firms effectively reduce information asymmetry with institutional lenders. This heightened transparency signals robust corporate governance and a minimized probability of systemic operational disruption, which creditors subsequently reward with substantially reduced borrowing costs, thereby elucidating the complex cost-benefit dynamics of non-financial risk reporting.